--------------- QuickDiag | g3n-h@ckm@n | 2_12.08.2016.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 20/08/2016 14:14:54 Updated 12/08/2016 | 12.00 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Christine (Administrator)] - [CHRISTINE-HP] (S-1-5-21-1337958871-3204205146-398528937-1001) System: Microsoft Windows 7 Professionnel - Service Pack 1 - (6.1.7601) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 7 Professionnel |C:\Windows|\Device\Harddisk0\Partition2 Boot : Normal boot PC: HP 500B Microtower - Hewlett-Packard - IdNumber: CZC1020WNK - UUID: 1365ED00-8A53-1016-A3FF-964532E8DC97 Processor : X64 - 3200 Mhz - Pentium(R) Dual-Core CPU E5800 @ 3.20GHz BIOS Date: 08/12/10 11:36:37 Ver: 6.05 - en|US|iso8859-1 - American Megatrends Inc. - S/N: CZC1020WNK - 6.05 - HPQOEM - 20100812 CoreTemp : ? Celsius ----------| Quick ---------- | SoundDevice Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0662&SUBSYS_103C2A8C&REV_1001\4&86B9D20&0&0001 ---------- | Video Intel(R) G41 Express Chipset - Resolution: 1280x1024 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: igdumd64.dll,igd10umd64.dll,igdumdx32,igd10umd32 - PNPDeviceID: PCI\VEN_8086&DEV_2E32&SUBSYS_2A8C103C&REV_03\3&11583659&0&10 - AdapterCompatibility: Intel Corporation - RAM: 820637696 Inegrated Video Chipset DeviceName: Intel(R) G41 Express Chipset - DriverVersion: 8.15.10.2226 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 22016 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16384 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 29184 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 24064 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25600 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 81408 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:100 % CPU #2 value:100 % Total Overall CPU Usage value:100 % ---------- | Network Realtek PCIe FE Family Controller : SENT:0 bytes/sec / RECVD:0 bytes/sec NETGEAR WNA3100M N300 Wireless Mini USB Adapter : SENT:209 bytes/sec / RECVD:209 bytes/sec isatap.numericable.fr : SENT:0 bytes/sec / RECVD:0 bytes/sec Connexion au réseau local* 11 : SENT:0 bytes/sec / RECVD:0 bytes/sec isatap.{7A249C16-6580-495A-8692-DFB08537D5CE} : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:209 bytes/sec, / RECEIVE Maximum:209 bytes/sec C:\Users\Christine\AppData\Local\Microsoft\Windows\GameExplorer\{93c5e4ca-9d35-4bd8-95b1-c7327601d483}\PlayTasks\0\Penguins!.lnk ("C:\Program Files (x86)\HP Games\Penguins!\penguins-WT.exe" /launchgc /src gameexploreroem) C:\Users\Christine\AppData\Local\Microsoft\Windows\GameExplorer\{9d36fecf-a272-4632-a018-906223216b09}\PlayTasks\0\Polar Bowler.lnk ("C:\Program Files (x86)\HP Games\Polar Bowler\Polar-WT.exe" /launchgc /src gameexploreroem) C:\Users\Christine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Play HP Games.lnk (/src desktoptpd) WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : ROOT\MS_SSTPMINIPORT\0000 WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : ROOT\MS_AGILEVPNMINIPORT\0000 WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : ROOT\MS_L2TPMINIPORT\0000 WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : ROOT\MS_PPTPMINIPORT\0000 WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : ROOT\MS_PPPOEMINIPORT\0000 WAN Miniport (IPv6) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIPV6\0000 WAN Miniport (Network Monitor) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANBH\0000 Realtek PCIe FE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8136&SUBSYS_2A8C103C&REV_02\20000000364CE00000 WAN Miniport (IP) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIP\0000 Carte Microsoft ISATAP - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0000 RAS Async Adapter - - - Status: - PnPID : Microsoft Teredo Tunneling Adapter - Tunnel - Microsoft - Status: - PnPID : ROOT\*TEREDO\0000 avast! Firewall NDIS Filter Miniport - - ALWIL Software - Status: - PnPID : ROOT\SW_ASWNDISMP\0000 Apple Mobile Device Ethernet - - - Status: - PnPID : Carte Microsoft ISATAP #2 - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0001 NETGEAR WNA3100M N300 Wireless Mini USB Adapter - Ethernet 802.3 - NETGEAR Inc. - Status: - PnPID : USB\VID_0846&PID_9021\00E04C000001 ---------- | Memory RAM = Total (MB) : 2062 | Free (MB) : 651 Pagefile = Total (MB) : 4123 | Free (MB) : 2028 Virtual = Total (MB) : 4194 | Free (MB) : 4039 Physical Memory 0 : Capacity: 2147483648 - DIMM0 - Posit.: - Manufacturer: Hyundai - PartNumber: HMT125U6TFR8C-H9 - S/N: 21205C12 ---------- | SID Users Administrateur : [S-1-5-21-1337958871-3204205146-398528937-500] Christine : [S-1-5-21-1337958871-3204205146-398528937-1001] HomeGroupUser$ : [S-1-5-21-1337958871-3204205146-398528937-1177] Invité : [S-1-5-21-1337958871-3204205146-398528937-501] Administrateurs : [S-1-5-32-544] Duplicateurs : [S-1-5-32-552] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Opérateurs de chiffrement : [S-1-5-32-569] Opérateurs de configuration réseau : [S-1-5-32-556] Opérateurs de sauvegarde : [S-1-5-32-551] Utilisateurs : [S-1-5-32-545] Utilisateurs avec pouvoir : [S-1-5-32-547] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du Bureau à distance : [S-1-5-32-555] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] Device Administrators : [S-1-5-21-1337958871-3204205146-398528937-1000] HomeUsers : [S-1-5-21-1337958871-3204205146-398528937-1176] ---------- | Drives E:\ -> [CDROM] | [WNA3100M] | Total : 0.1 Go | Free : 0 Go -> CDFS [ATAPI] D:\ -> [Fixed] | [HP_RECOVERY] | Total : 12.66 Go | Free : 1.54 Go -> NTFS [ATA] C:\ -> [Fixed] | [OS] | Total : 285.33 Go | Free : 54.15 Go -> NTFS [ATA] Disk Usage Information [2 total Physical Disks] Physical Drive #0 [C:, D:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [G:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:0 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 3 Part. - PnPID : IDE\DISKSAMSUNG_HD322GJ_________________________1AR10002\5&3B7390E4&0&0.0.0 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_MULTIPLE&PROD_CARD__READER&REV_1.00\058F63666433&0 ---------- | Windows updates Last detection : 2016-07-02 13:18:00 Downloaded last ones : 2016-07-02 13:18:40 Installed last ones : 2016-07-02 13:22:09 Next search : 2016-08-19 06:41:19 Windows Is Activated ---------- | Browsers IE : 11.0.9600.18347 (© Microsoft Corporation. Tous droits réservés.) FF : 47.0.0.5999 (©Firefox and Mozilla Developers; available under the MPL 2 license.) GC : 52.0.2743.116 (Copyright 2016 Google Inc.) Default : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" ---------- | FlashPlayer C:\Users\Christine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk (/prefetch:1) FlashPlayer ActiveX : 22.0.0.210 ---------- | Security AM : Malwarebytes' Anti-Malware ( 1.0.1.711) [Update : 27/02/2015 08:13:16] FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Manual(3)] = Running ---------- | Running processes C:\Users\Christine\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk (/sendto:) 324 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7601.23418) = C:\Windows\System32\smss.exe [11/05/2016 19:51:27] CPU Usage:0 % 500 | [Owner : | Parent : 440() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe [14/07/2009 01:52:37] CPU Usage:0 % 556 | [Owner : | Parent : 500(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7601.18829) = C:\Windows\System32\services.exe [13/05/2015 14:37:48] CPU Usage:0 % 588 | [Owner : | Parent : 492() | ?????] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.18540) = C:\Windows\System32\winlogon.exe [17/10/2014 17:27:01] CPU Usage:0 % 616 | [Owner : | Parent : 500(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.23452) = C:\Windows\System32\lsass.exe [18/06/2016 20:06:04] CPU Usage:0 % 624 | [Owner : | Parent : 500(wininit.exe) | ?????] - (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe [17/05/2013 18:00:55] CPU Usage:0 % 732 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 812 | [Owner : | Parent : 556(services.exe) | ?????] - (.Hewlett-Packard - HPFSService Application.) - (5.0.1.2) = C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [12/12/2009 03:57:20] CPU Usage:0 % 848 | [Owner : | Parent : 556(services.exe) | ?????] - (.McAfee, Inc. - Drive Encryption for HP ProtectTools Service.) - (5.0.6.0) = C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [02/02/2010 03:09:48] CPU Usage:0 % 896 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 968 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 108 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 464 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 424 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:15 % 1040 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1168 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1244 | [Owner : | Parent : 556(services.exe) | ?????] - (.Avast Software s.r.o. - avast! Service.) - (10.2.2218.942) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe [30/06/2015 17:46:41] CPU Usage:0 % 1252 | [Owner : | Parent : 108(svchost.exe) | ?????] - (.Microsoft Corporation - Infrastructure d’extensibilité pour les services réseau Windows sans fil 802.11.) - (6.1.7600.16385) = C:\Windows\System32\wlanext.exe [14/07/2009 02:07:15] CPU Usage:0 % 1260 | [Owner : | Parent : 448(csrss.exe) | ?????] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (6.1.7601.23418) = C:\Windows\System32\conhost.exe [11/05/2016 19:51:25] CPU Usage:0 % C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk (/name Microsoft.EaseOfAccessCenter) 1448 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe [15/08/2012 12:23:51] CPU Usage:0 % 1516 | [Owner : | Parent : 556(services.exe) | ?????] - (.DigitalPersona, Inc. - DigitalPersona Local Host.) - (5.0.4.527) = C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [23/01/2010 00:28:48] CPU Usage:0 % 1624 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1756 | [Owner : | Parent : 556(services.exe) | ?????] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.19.1728) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [25/06/2016 01:45:12] CPU Usage:0 % 1780 | [Owner : | Parent : 556(services.exe) | ?????] - (.Apple Inc. - MobileDeviceService.) - (17.364.0.84) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [02/03/2016 15:31:28] CPU Usage:0 % 1800 | [Owner : | Parent : 556(services.exe) | ?????] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe [12/08/2015 17:03:42] CPU Usage:0 % 2188 | [Owner : Christine | Parent : 556(services.exe) | 8.1 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe [18/05/2013 10:15:21] CPU Usage:0 % 2232 | [Owner : Christine | Parent : 424(svchost.exe) | 2.53 Mo] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe [17/05/2013 18:01:05] CPU Usage:0 % 2340 | [Owner : Christine | Parent : 2232(taskeng.exe) | 0.53 Mo] - (.- Monitor LED Key.) - (4.3.0.3) = C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe [11/01/2011 05:17:58] CPU Usage:0 % 2404 | [Owner : Christine | Parent : 108(svchost.exe) | 27.22 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe [14/07/2009 01:37:38] CPU Usage:0 % 2412 | [Owner : Christine | Parent : 588(winlogon.exe) | 7.75 Mo] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) - (5.0.4.527) = C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe [23/01/2010 00:28:46] CPU Usage:0 % 2420 | [Owner : Christine | Parent : 2328() | 46.02 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.23418) = C:\Windows\explorer.exe [18/06/2016 20:05:12] CPU Usage:0 % 2928 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 2964 | [Owner : | Parent : 556(services.exe) | ?????] - (.Hewlett-Packard Development Company, L.P - PTChangeFilterService.) - (5.0.16.1) = C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [12/01/2010 19:25:26] CPU Usage:0 % 1796 | [Owner : Christine | Parent : 2420(explorer.exe) | 2.22 Mo] - (.Intel Corporation - igfxTray Module.) - (8.15.10.2226) = C:\Windows\System32\igfxtray.exe [16/10/2010 05:35:56] CPU Usage:0 % 2384 | [Owner : Christine | Parent : 2420(explorer.exe) | 1.37 Mo] - (.Intel Corporation - hkcmd Module.) - (8.15.10.2226) = C:\Windows\System32\hkcmd.exe [16/10/2010 05:35:50] CPU Usage:0 % 2140 | [Owner : Christine | Parent : 2420(explorer.exe) | 2.43 Mo] - (.Intel Corporation - persistence Module.) - (8.15.10.2226) = C:\Windows\System32\igfxpers.exe [16/10/2010 05:35:52] CPU Usage:0 % 2360 | [Owner : Christine | Parent : 2420(explorer.exe) | 1.66 Mo] - (.Microsoft Corporation - Microsoft LifeCam Device Application.) - (1.2.6.0) = C:\Windows\vVX3000.exe [20/05/2010 15:26:30] CPU Usage:0 % 2620 | [Owner : Christine | Parent : 2420(explorer.exe) | 2.17 Mo] - (.Apple Inc. - iTunesHelper.) - (12.4.1.6) = C:\Program Files\iTunes\iTunesHelper.exe [01/06/2016 13:16:26] CPU Usage:0 % 2640 | [Owner : Christine | Parent : 2420(explorer.exe) | 9.34 Mo] - (.Apple Inc. - iCloud Services.) - (45.0.0.20) = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [22/04/2016 04:42:10] CPU Usage:0 % 2320 | [Owner : | Parent : 556(services.exe) | ?????] - (.InterVideo - RegMgr Module.) - (1.0.4.0) = C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [05/01/2007 05:48:50] CPU Usage:0 % 2732 | [Owner : | Parent : 556(services.exe) | ?????] - (.CybelSoft - Service de détection matériel.) - (7.1.3.0) = C:\Program Files\ma-config.com\MaConfigAgent.exe [24/02/2014 17:08:22] CPU Usage:0 % 2332 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - MsCamSvc.exe.) - (3.22.270.0) = C:\Program Files\Microsoft LifeCam\MSCamS64.exe [20/05/2010 15:26:28] CPU Usage:0 % 2920 | [Owner : Christine | Parent : 2420(explorer.exe) | 12.75 Mo] - (.- Netgear.) - (1.1.4.27) = C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe [28/06/2016 09:35:31] CPU Usage:0 % 1736 | [Owner : | Parent : 556(services.exe) | ?????] - (.PDF Complete Inc - Dispatcher.) - (4.0.9.2001) = C:\Program Files (x86)\PDF Complete\pdfsvc.exe [11/01/2011 05:17:36] CPU Usage:0 % 1620 | [Owner : Christine | Parent : 1328() | 12.62 Mo] - (.Avast Software s.r.o. - avast! Antivirus.) - (10.2.2218.944) = C:\Program Files\AVAST Software\Avast\AvastUI.exe [30/06/2015 17:46:44] CPU Usage:0 % 2176 | [Owner : Christine | Parent : 1328() | 2.03 Mo] - (.Oracle Corporation - Java(TM) Update Scheduler.) - (2.1.67.1) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [25/07/2014 12:29:36] CPU Usage:0 % 3132 | [Owner : | Parent : 556(services.exe) | ?????] - (.Protexis Inc. - PsiService PsiService.) - (2.0.1.185) = C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [12/03/2010 00:06:06] CPU Usage:0 % 3516 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Application Virtualization Virtual Service Agent.) - (4.6.3.25281) = C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [08/10/2014 18:18:56] CPU Usage:0 % 3564 | [Owner : Christine | Parent : 2200() | 0.85 Mo] - (.Piriform Ltd - CCleaner.) - (5.12.0.5431) = C:\Program Files\CCleaner\CCleaner64.exe [16/11/2015 18:54:04] CPU Usage:0 % 3596 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 3632 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4311.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [17/07/2012 16:14:44] CPU Usage:0 % 3712 | [Owner : | Parent : 556(services.exe) | ?????] - (.- Wifi Service.) - (2.1.0.24) = C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe [28/06/2016 09:35:41] CPU Usage:0 % 3748 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Application Virtualization Client Service.) - (4.6.3.25281) = C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [08/10/2014 18:18:50] CPU Usage:0 % C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk (-hunter) 3808 | [Owner : | Parent : 3632(WLIDSVC.EXE) | ?????] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4311.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [17/07/2012 16:14:44] CPU Usage:0 % 4168 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Office Client Virtualization Service.) - (14.0.7147.5000) = C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [18/03/2015 19:51:28] CPU Usage:0 % 4428 | [Owner : Christine | Parent : 516(csrss.exe) | 0.7 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (6.1.7601.23418) = C:\Windows\System32\conhost.exe [11/05/2016 19:51:25] CPU Usage:0 % 4544 | [Owner : | Parent : 556(services.exe) | ?????] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) - (6.1.16.1) = C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [13/05/2013 21:09:20] CPU Usage:0 % 4968 | [Owner : | Parent : 556(services.exe) | ?????] - (.Apple Inc. - iPodService Module (64-bit).) - (12.4.1.6) = C:\Program Files\iPod\bin\iPodService.exe [01/06/2016 13:16:30] CPU Usage:0 % 2068 | [Owner : | Parent : 556(services.exe) | ?????] - (.McAfee, Inc. - Drive Encryption for HP ProtectTools Plugin 32 bit Service.) - (5.0.6.0) = C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [02/02/2010 03:05:52] CPU Usage:0 % 4524 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk (/tsr) ice15b2���D�t"ONENOTEM.EXEF��D�t�D'�*�4�ONENOTEM.EXEp 4932 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 5256 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe [17/05/2013 18:01:13] CPU Usage:81 % 5288 | [Owner : Christine | Parent : 2412(DPAgent.exe) | 0.18 Mo] - (.DigitalPersona, Inc. - DigitalPersona 64-bit Helper Process.) - (5.0.4.4217) = C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe [23/01/2010 00:30:54] CPU Usage:0 % 5536 | [Owner : Christine | Parent : 732(svchost.exe) | 2.12 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) = C:\Windows\System32\wbem\unsecapp.exe [14/07/2009 01:47:12] CPU Usage:0 % 5740 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 4324 | [Owner : | Parent : 556(services.exe) | ?????] - (.Hewlett-Packard Company - HP Support Assistant Service.) - (7.2.45.3) = C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [04/11/2013 19:31:56] CPU Usage:0 % 3856 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1124 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Office Click-to-Run.) - (15.0.4847.1000) = C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [04/05/2014 03:29:43] CPU Usage:0 % 1076 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe [01/07/2011 15:36:43] CPU Usage:0 % 6360 | [Owner : Christine | Parent : 2232(taskeng.exe) | 0.53 Mo] - (.Facebook Inc. - Programme d'installation de Facebook.) - (1.2.205.0) = C:\Users\Christine\AppData\Local\Facebook\Update\FacebookUpdate.exe [19/02/2014 14:40:28] CPU Usage:0 % 6548 | [Owner : | Parent : 1076(SearchIndexer.exe) | ?????] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchProtocolHost.exe [01/07/2011 15:36:43] CPU Usage:0 % 7044 | [Owner : Christine | Parent : 2420(explorer.exe) | 219.09 Mo] - (.Mozilla Corporation - Firefox.) - (47.0.0.5999) = C:\Program Files (x86)\Mozilla Firefox\firefox.exe [13/06/2016 12:37:15] CPU Usage:0 % 4040 | [Owner : Christine | Parent : 7044(firefox.exe) | 29.66 Mo] - (.SosVirus - QuickDiag.) - (12.8.2016.1) = C:\Users\Christine\Downloads\QuickDiag(2).exe [20/08/2016 13:43:53] CPU Usage:0 % 4952 | [Owner : Christine | Parent : 2420(explorer.exe) | 23.95 Mo] - (.SosVirus - QuickDiag.) - (12.8.2016.1) = C:\Users\Christine\Downloads\QuickDiag(2).exe [20/08/2016 13:43:53] CPU Usage:0 % 6568 | [Owner : | Parent : 556(services.exe) | ?????] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe [17/05/2013 17:59:23] CPU Usage:0 % ---------- | MD5 [MD5.9DA3B83F80E205B6C601EEE1312FD0A0] - [18/06/2016 20:05:12] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3155.5 Ko] - (6.1.7601.23418) : C:\Windows\Explorer.exe [MD5.5746BD7E255DD6A8AFA06F7C42C1BA41] - [17/05/2013 18:00:51] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [337 Ko] - (6.1.7601.17514) : C:\Windows\System32\cmd.exe [MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 01:19:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [7.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\csrss.exe C:\Users\Christine\AppData\Roaming\ZHP\Quarantine\Continue Welcome To The FLV Player Setup Installation.lnk ( /RR) [MD5.A8EDB86FC2A4D6D1285E4C70384AC35A] - [14/07/2009 01:59:17] - (.© Microsoft Corporation. - COM Surrogate.) - [9.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\dllhost.exe [MD5.ACEDF96749861DB3DA92AE9B9D94FE72] - [11/05/2016 19:51:27] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [1136 Ko] - (6.1.7601.23418) : C:\Windows\System32\Kernel32.dll [MD5.C8A7F80DB5C193DD67747A1BA4B1782E] - [18/06/2016 20:06:04] - (.© Microsoft Corporation. - Local Security Authority Process.) - [30 Ko] - (6.1.7601.23452) : C:\Windows\System32\lsass.exe [MD5.622C96AFB07BB82C8650B47172137AC4] - [13/04/2016 09:02:48] - (.© Microsoft Corporation. - Distributed COM Services.) - [499.5 Ko] - (6.1.7601.19143) : C:\Windows\System32\rpcss.dll [MD5.DD81D91FF3B0763C392422865C9AC12E] - [14/07/2009 01:57:20] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [44.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\rundll32.exe [MD5.71C85477DF9347FE8E7BC55768473FCA] - [13/05/2015 14:37:48] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [321 Ko] - (6.1.7601.18829) : C:\Windows\System32\services.exe [MD5.C78655BC80301D76ED4FEF1C1EA40A7D] - [14/07/2009 01:31:13] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [26.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\svchost.exe [MD5.06BF84D26A05D400F6B3FB3D3DE0B03A] - [10/12/2015 19:38:44] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [985 Ko] - (6.1.7601.19061) : C:\Windows\System32\user32.dll [MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [17/05/2013 17:59:17] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (6.1.7601.17514) : C:\Windows\System32\userinit.exe [MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 01:52:37] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [126 Ko] - (6.1.7600.16385) : C:\Windows\System32\Wininit.exe [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - [17/10/2014 17:27:01] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [444.5 Ko] - (6.1.7601.18540) : C:\Windows\System32\Winlogon.exe [MD5.9A4A1EEE802BF2F878EE8EAB407B21B7] - [11/11/2015 14:31:40] - (.© Microsoft Corporation. Tous droits réservés. - Ancillary Function Driver for WinSock.) - [486 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\afd.sys [MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\atapi.sys [MD5.059F00DEF82BF41E433B7ED465847726] - [11/09/2013 17:52:53] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [151.94 Ko] - (6.1.7601.18231) : C:\Windows\System32\Drivers\ataport.sys [MD5.B8BD2BB284668C84865658C77574381A] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\cdfs.sys [MD5.F036CE71586E93D94DAB220D7BDF4416] - [17/05/2013 17:58:06] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\cdrom.sys [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - [17/05/2013 17:58:22] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [100 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\dfsc.sys [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - [17/05/2013 17:58:06] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [119.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\hdaudbus.sys [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - [14/07/2009 01:19:58] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [103 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\i8042prt.sys [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - [14/07/2009 02:10:03] - (.© Microsoft Corporation. - IP Network Address Translator.) - [113.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\ipnat.sys [MD5.10112D850C844606419C79EE24EE6016] - [18/06/2016 20:06:05] - (.© Microsoft Corporation. - Windows NT SMB Minirdr.) - [156 Ko] - (6.1.7601.23452) : C:\Windows\System32\Drivers\mrxsmb.sys [MD5.F7309F42555F8AAB7144A51A1F2585B0] - [11/11/2015 14:31:30] - (.© Microsoft Corporation. Tous droits réservés. - Pilote NDIS 6.20.) - [928.44 Ko] - (6.1.7601.19030) : C:\Windows\System32\Drivers\ndis.sys [MD5.E47D571FEC2C76E867935109AB2A770C] - [18/06/2016 20:05:39] - (.© Microsoft Corporation. - MBT Transport driver.) - [256 Ko] - (6.1.7601.23451) : C:\Windows\System32\Drivers\netbt.sys [MD5.47B2D0B31BDC3EBE6090228E2BA3764D] - [09/03/2016 15:09:03] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [1644.94 Ko] - (6.1.7601.19116) : C:\Windows\System32\Drivers\ntfs.sys [MD5.0086431C29C35BE1DBC43F52CC273887] - [14/07/2009 02:00:41] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [95 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\parport.sys [MD5.471815800AE33E6F1C32FB1B97C490CA] - [17/05/2013 18:00:22] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [126.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rasl2tp.sys [MD5.1B6163C503398B23FF8B939C67747683] - [17/05/2013 17:59:05] - (.© Microsoft Corporation. - Microsoft RDP Device redirector.) - [162 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rdpdr.sys [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - [14/07/2009 02:09:09] - (.© Microsoft Corporation. - SMB Transport driver.) - [91 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\smb.sys [MD5.04ADD18EE5CC9FBEDAEC1DD1CD0CB45E] - [12/06/2014 08:08:40] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [1858.94 Ko] - (6.1.7601.18438) : C:\Windows\System32\Drivers\tcpip.sys [MD5.AA77EB517D2F07A947294F260E3ACA83] - [11/11/2015 14:31:40] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.5 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\tdx.sys [MD5.0D08D2F3B3FF84E433346669B5E0F639] - [17/05/2013 18:00:41] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [288.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL differs from file image: (..-..) - (0.0.0.0) -- : Tue Jul 05 12:04:18 2016 (..-..) - (0.0.0.0) -- : Tue Jun 14 12:25:37 2016 (..-..) - (0.0.0.0) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1036\GrooveIntlResource.dll differs from file image: (..-..) - (0.0.0.0) -- : Tue Jun 28 13:00:37 2016 (..-..) - (0.0.0.0) -- : Tue May 24 14:59:07 2016 (.Avast Software s.r.o..-.avast! Shell Extension.) - (10.2.2218.942) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll (..-..) - (0.0.0.0) -- :\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpoFeedb.dll (..-..) - (0.0.0.0) -- :\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpoSet.dll (.Intel Corporation.-.igfxres Module.) - (8.15.10.2226) -- C:\Windows\system32\igfxrFRA.lrc ---------- | Svchost.exe component call (Microsoft Files Whitelisted) C:\ProgramData\Hewlett-Packard\HP Setup\launchreg.lnk (MODE=REGISTRATION) C:\ProgramData\Hewlett-Packard\Recovery\Links\Apps.lnk (/ReinstallApp) C:\ProgramData\Hewlett-Packard\Recovery\Links\DelRP.lnk (/DelRP) C:\ProgramData\Hewlett-Packard\Recovery\Links\Driver.lnk (/ReinstallDriver) C:\ProgramData\Hewlett-Packard\Recovery\Links\Report.lnk (/RecoveryReport) C:\ProgramData\Hewlett-Packard\Recovery\Links\RMC.lnk (/CDCreator) C:\ProgramData\Microsoft\Windows\GameExplorer\{000d96f5-8034-4b74-a429-b6f0b04c75f4}\PlayTasks\0\provider.lnk (/id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{060c286e-7b14-4bf4-9936-205028416ca7}\PlayTasks\0\Blasterball 3.lnk ("C:\Program Files (x86)\HP Games\Blasterball 3\BlasterBall3-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{1187f9d7-48d4-4d09-bb9f-51951d10ea92}\PlayTasks\0\Wedding Dash.lnk ("C:\Program Files (x86)\HP Games\Wedding Dash\Wedding Dash-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{203727b9-3ead-4178-bb5e-eaaf7beb9d38}\PlayTasks\0\Virtual Villagers - The Secret City.lnk ("C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Virtual Villagers - The Secret City-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{26352374-af55-4b53-b07b-6b0288ed97df}\PlayTasks\0\provider.lnk (/id=26352374-af55-4b53-b07b-6b0288ed97df /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{3eda1e54-8889-41f5-a649-5a306789b7ef}\PlayTasks\0\provider.lnk (/id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{4c62c261-4bc4-4df9-9107-4f91e6a38018}\PlayTasks\0\Diner Dash 2 Restaurant Rescue.lnk ("C:\Program Files (x86)\HP Games\Diner Dash 2 Restaurant Rescue\Diner Dash 2 Restaurant Rescue-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{4eaa326b-dfb7-4e55-9075-8e91059e13f4}\PlayTasks\0\Jewel Quest Solitaire.lnk ("C:\Program Files (x86)\HP Games\Jewel Quest Solitaire\JQSolitaire-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{4f4fa136-6ede-454c-9495-620e06dcb70f}\PlayTasks\0\Cake Mania.lnk ("C:\Program Files (x86)\HP Games\Cake Mania\Cake Mania-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{5fe74c0f-3b4e-4d19-ba1a-45d1ca676438}\PlayTasks\0\Bejeweled 2 Deluxe.lnk ("C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Bejeweled2-WT.exe" /launchgc /src gameexploreroem) (.Apple Inc..-.Bonjour Namespace Provider.) - (3.1.0.1) -- C:\Program Files\Bonjour\mdnsNSP.dll C:\ProgramData\Microsoft\Windows\GameExplorer\{72163237-ac8c-4e1e-8b47-278bee674c52}\PlayTasks\0\Insaniquarium Deluxe.lnk ("C:\Program Files (x86)\HP Games\Insaniquarium Deluxe\Insaniquarium-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{8dde8af6-a947-49ea-8858-e46765d3acb9}\PlayTasks\0\Bounce Symphony.lnk ("C:\Program Files (x86)\HP Games\Bounce Symphony\bounce-WT.exe" /launchgc /src gameexploreroem) ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-19\...\Run]) - User: AUTORITE NT\SERVICE LOCAL C:\ProgramData\Microsoft\Windows\GameExplorer\{93c5e4ca-9d35-4bd8-95b1-c7327601d483}\PlayTasks\0\Penguins!.lnk ("C:\Program Files (x86)\HP Games\Penguins!\penguins-WT.exe" /launchgc /src gameexploreroem) Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-20\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU Envoyer à OneNote - (C:\PROGRA~1\MICB8F~1\root\office15\ONENOTEM.EXE /tsr [Startup]) - User: Christine-HP\Christine iCloudServices - ("C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\...\Run]) - User: Christine-HP\Christine CCleaner Monitoring - ("C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\...\Run]) - User: Christine-HP\Christine NETGEAR WNA3100M Genie - (C:\PROGRA~2\NETGEAR\WNA3100M\WNA3100M.exe [Common Startup]) - User: Public IgfxTray - (C:\Windows\system32\igfxtray.exe [HKLM\...\Run]) - User: Public HotKeysCmds - (C:\Windows\system32\hkcmd.exe [HKLM\...\Run]) - User: Public Persistence - (C:\Windows\system32\igfxpers.exe [HKLM\...\Run]) - User: Public VX3000 - (C:\Windows\vVX3000.exe [HKLM\...\Run]) - User: Public iTunesHelper - ("C:\Program Files\iTunes\iTunesHelper.exe" [HKLM\...\Run]) - User: Public [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\CurrentVersion\Run] "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Christine\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"=C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Christine\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64" [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\Windows\system32\igfxtray.exe [16/10/2010 05:35:56] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [16/10/2010 05:35:50] "Persistence"=C:\Windows\system32\igfxpers.exe [16/10/2010 05:35:52] "VX3000"=C:\Windows\vVX3000.exe [20/05/2010 15:26:30] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 ---------- | Startings up registry ¦ Folder [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] : "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BATINDICATOR] : C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe [11/01/2011 05:17:58] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] : "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update] : "C:\Users\Christine\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\File Sanitizer] : c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12/12/2009 03:57:38] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP KEYBOARDx] : "C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Remote Solution] : %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\hpsysdrv] : c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [20/11/2008 20:47:28] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] : "C:\Program Files\iTunes\iTunesHelper.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LaunchHPOSIAPP] : C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe [11/01/2011 05:17:58] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LifeCam] : "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDF Complete] : C:\Program Files (x86)\PDF Complete\pdfsty.exe [11/01/2011 05:17:36] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] : "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VX3000] : C:\Windows\vVX3000.exe [20/05/2010 15:26:30] ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [18/06/2016 20:06:04] [HKLM\System\CurrentControlSet\Control\Terminal Server] "RCDependentServices"=CertPropSvc SessionEnv "NotificationTimeOut"=0 "SnapshotMonitors"=1 "ProductVersion"=5.1 "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "fDenyTSConnections"=1 "StartRCM"=0 "TSAdvertise"=0 "DeleteTempDirsOnExit"=1 "fSingleSessionPerUser"=1 "PerSessionTempDir"=0 "TSUserEnabled"=0 "InstanceID"=6737a4ab-e4d6-45e3-a0f2-559d3a9 "fCredentialLessLogonSupported"=1 "fCredentialLessLogonSupportedTSS"=1 "fCredentialLessLogonSupportedKMRDP"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "CriticalSectionTimeout"=2592000 "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "ProcessorControl"=2 "ResourceTimeoutCount"=648000 "BootExecute"=autocheck autochk * "ExcludeFromKnownDlls"= "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "NumberOfInitialSessions"=2 "SetupExecute"= "PendingFileRenameOperations"=\??\C:\Program Files\Microsoft Office 15\ClientX64\apiclient.dll.bak \??\C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll.bak \??\C:\Program Files\Microsoft Office 15\ClientX64\msvcr100.dll.bak \??\C:\Program Files\Microsoft Office 15\ClientX64\msvcp100.dll.bak \??\C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe.bak \??\C:\Program Files\Microsoft Office 15\ClientX64\streamserver.dll.bak \??\C:\Program Files\Microsoft Office 15\Data\Updates\Apply\FilesInUse\grooveex.dll.bak \??\C:\Program Files\Microsoft Office 15\Data\Updates\Apply\FilesInUse\grooveintlresource.dll.bak \??\C:\Windows\system32\spool\DRIVERS\x64\3\New\mxdwdrv.dll \??\C:\Windows\system32\spool\DRIVERS\x64\3\mxdwdrv.dll \??\C:\Windows\system32\spool\DRIVERS\x64\3\New\UniDrvUI.dll \??\C:\Windows\system32\spool\DRIVERS\x64\3\UniDrvUI.dll \??\C:\Windows\system32\spool\DRIVERS\x64\3\New\SendToOneNote.GPD \??\C:\Windows\system32\spool\DRIVERS\x64\3\SendToOneNote.GPD \??\C:\Windows\system32\spool\DRIVERS\x64\3\New\UniDrv.HLP \??\C:\Windows\system32\spool\DRIVERS\x64\3\UniDrv.HLP \??\C:\Windows\system32\spool\DRIVERS\x64\3\New\SendToOneNote-pipelineconfig.xml \??\C:\Windows\system32\spool\DRIVERS\x64\3\SendToOneNote-pipelineconfig.xml \??\C:\Windows\system32\spool\DRIVERS\x64\3\New\SendToOneNote.ini \??\C:\Windows\system32\spool\DRIVERS\x64\3\SendToOneNote.ini \??\C:\Windows\system32\spool\DRIVERS\x64\3\New\SendToOneNoteNames.gpd \??\C:\Windows\system32\spool\DRIVERS\x64\3\SendToOneNoteNames.gpd \??\C:\Windows\system32\spool\DRIVERS\x64\3\New\SendToOneNoteFilter.dll \??\C:\Windows\system32\spool\DRIVERS\x64\3\SendToOneNoteFilter.dll \??\C:\Windows\system32\spool\DRIVERS\x64\3\New\UNIDRV.DLL \??\C:\Windows\system32\spool\DRIVERS\x64\3\UNIDRV.DLL \??\C:\Windows\system32\spool\DRIVERS\x64\3\New\UNIRES.DLL \??\C:\Windows\system32\spool\DRIVERS\x64\3\UNIRES.DLL \??\C:\Windows\system32\spool\DRIVERS\x64\3\New\STDNAMES.GPD \??\C:\Windows\system32\spool\DRIVERS\x64\3\STDNAMES.GPD \??\C:\Windows\system32\spool\DRIVERS\x64\3\New\STDDTYPE.GDL \??\C:\Windows\system32\spool\DRIVERS\x64\3\STDDTYPE.GDL \??\C:\Windows\system32\spool\DRIVERS\x64\3\New\STDSCHEM.GDL \??\C:\Windows\system32\spool\DRIVERS\x64\3\STDSCHEM.GDL \??\C:\Windows\system32\spool\DRIVERS\x64\3\New\STDSCHMX.GDL \??\C:\Windows\system32\spool\DRIVERS\x64\3\STDSCHMX.GDL \??\C:\Windows\system32\spool\DRIVERS\x64\3\New\MSXPSINC.GPD \??\C:\Windows\system32\spool\DRIVERS\x64\3\MSXPSINC.GPD \??\C:\Windows\system32\spool\DRIVERS\x64\3\New\XPSSVCS.DLL \??\C:\Windows\system32\spool\DRIVERS\x64\3\XPSSVCS.DLL [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "WaitToKillServiceTimeout"=200 "CurrentUser"=USERNAME "BootDriverFlags"=0 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) [HKLM\System\CurrentControlSet\Control\lsa] "auditbaseobjects"=0 "auditbasedirectories"=0 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "Bounds"=0x0030000000200000 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=DPPassFilter scecli "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u livessp "Authentication Packages"=msv1_0 "LsaPid"=616 "SecureBoot"=1 "ProductType"=6 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 ---------- | .LNK C:\ProgramData\Microsoft\Windows\GameExplorer\{961391a5-faff-4656-b639-9469eafbd166}\PlayTasks\0\Agatha Christie - Peril at End House.lnk ("C:\Program Files (x86)\HP Games\Agatha Christie - Peril at End House\Agatha Christie - Peril at End House-WT.exe" /launchgc /src gameexploreroem) C:\Users\Christine\AppData\Local\Microsoft\Windows\GameExplorer\{93c5e4ca-9d35-4bd8-95b1-c7327601d483}\PlayTasks\0\Penguins!.lnk ("C:\Program Files (x86)\HP Games\Penguins!\penguins-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{977b5905-4d14-47f1-bbbf-7b92f596695d}\PlayTasks\0\provider.lnk (/id=977b5905-4d14-47f1-bbbf-7b92f596695d /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{9d36fecf-a272-4632-a018-906223216b09}\PlayTasks\0\Polar Bowler.lnk ("C:\Program Files (x86)\HP Games\Polar Bowler\Polar-WT.exe" /launchgc /src gameexploreroem) C:\Users\Christine\AppData\Local\Microsoft\Windows\GameExplorer\{9d36fecf-a272-4632-a018-906223216b09}\PlayTasks\0\Polar Bowler.lnk ("C:\Program Files (x86)\HP Games\Polar Bowler\Polar-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{aa8c10e5-becb-40b2-8525-b97903d0da17}\PlayTasks\0\John Deere Drive Green.lnk ("C:\Program Files (x86)\HP Games\John Deere Drive Green\DriveGreen1-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{c3c636e0-1b04-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk (/id=c3c636e0-1b04-11de-8c30-0800200c9a66 /src gameexploreroem) C:\Users\Christine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Play HP Games.lnk (/src desktoptpd) C:\ProgramData\Microsoft\Windows\GameExplorer\{c74d277e-834c-48ca-824d-f4f81f44f21e}\PlayTasks\0\Slingo Deluxe.lnk ("C:\Program Files (x86)\HP Games\Slingo Deluxe\Slingo-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{d58eecb0-0816-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk (/id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{e5541345-a785-4e1e-906e-5bf6068ba4c0}\PlayTasks\0\Chuzzle Deluxe.lnk ("C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Chuzzle Deluxe-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{f07a743d-54ae-4686-b920-3aa7f436091d}\PlayTasks\0\Build-a-Lot - The Elizabethan Era.lnk ("C:\Program Files (x86)\HP Games\Build-a-Lot - The Elizabethan Era\Buildalot5-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{f41abb66-f415-4c77-a2ae-917b23460332}\PlayTasks\0\FATE.lnk ("C:\Program Files (x86)\HP Games\FATE\Fate-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{f64371e9-e863-40ab-8ecd-dbd1e79683bf}\PlayTasks\0\Plants vs. Zombies.lnk ("C:\Program Files (x86)\HP Games\Plants vs. Zombies\Plants vs. Zombies-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{fac60ee0-3e65-46c0-862e-52d1e16fa6d1}\PlayTasks\0\Farm Frenzy.lnk ("C:\Program Files (x86)\HP Games\Farm Frenzy\Farm Frenzy-WT.exe" /launchgc /src gameexploreroem) C:\Users\Christine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Microsoft\Windows\GameExplorer\{fbf67141-5205-4000-b518-428ca7b6984a}\PlayTasks\0\Jewel Quest II.lnk ("C:\Program Files (x86)\HP Games\Jewel Quest II\JewelQuest2-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{fdf91770-af7e-4c8d-bfd2-b40f6a1b7481}\PlayTasks\0\Zuma Deluxe.lnk ("C:\Program Files (x86)\HP Games\Zuma Deluxe\Zuma-WT.exe" /launchgc /src gameexploreroem) C:\Users\Christine\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk (/sendto:) C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk (startmenu) C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk (/name Microsoft.EaseOfAccessCenter) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Créez un site web.lnk (http://redirect.hp.com/svs/rdr?locale=fr_fr&c=none&bd=all&tp=onlinesvs&pf=cmdt&s=yola&TYPE=4) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Install HP Power Assistant.lnk (-exec /T:"c:\SWSETUP\APP\Applications\HP\HPPA\1.1\src\HPPA_Setup-1.1.1.6.exe" /L:"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Install HP Power Assistant.lnk") C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk (-hunter) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk (/prefetch:1) C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk (/tsr) ice15b2���D�t"ONENOTEM.EXEF��D�t�D'�*�4�ONENOTEM.EXEp C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk (/open) C:\Users\Christine\AppData\Roaming\ZHP\Quarantine\Continue Welcome To The FLV Player Setup Installation.lnk ( /RR) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk (%SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk (/res) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk (-NoExit -ImportSystemModules) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\- HP Game Console -.lnk ("C:\Program Files (x86)\HP Games\HP Game Console\GameConsole-wt.exe" /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Agatha Christie - Peril at End House.lnk ("C:\Program Files (x86)\HP Games\Agatha Christie - Peril at End House\Agatha Christie - Peril at End House-WIRE.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Casual Games.lnk (/id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Enthusiast Games.lnk (/id=26352374-af55-4b53-b07b-6b0288ed97df /src gamesmenuoem) C:\ProgramData\Hewlett-Packard\HP Setup\launchreg.lnk (MODE=REGISTRATION) C:\ProgramData\Hewlett-Packard\Recovery\Links\Apps.lnk (/ReinstallApp) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Family Games.lnk (/id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gamesmenuoem) C:\ProgramData\Hewlett-Packard\Recovery\Links\DelRP.lnk (/DelRP) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Kids Games.lnk (/id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All MMO Games.lnk (/id=c3c636e0-1b04-11de-8c30-0800200c9a66 /src gamesmenuoem) C:\ProgramData\Hewlett-Packard\Recovery\Links\Driver.lnk (/ReinstallDriver) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Bejeweled 2 Deluxe.lnk ("C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Bejeweled2-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Hewlett-Packard\Recovery\Links\Report.lnk (/RecoveryReport) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Blasterball 3.lnk ("C:\Program Files (x86)\HP Games\Blasterball 3\BlasterBall3-WIRE.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Hewlett-Packard\Recovery\Links\RMC.lnk (/CDCreator) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Bounce Symphony.lnk ("C:\Program Files (x86)\HP Games\Bounce Symphony\bounce-WIRE.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\GameExplorer\{000d96f5-8034-4b74-a429-b6f0b04c75f4}\PlayTasks\0\provider.lnk (/id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Build-a-Lot - The Elizabethan Era.lnk ("C:\Program Files (x86)\HP Games\Build-a-Lot - The Elizabethan Era\Buildalot5-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\GameExplorer\{060c286e-7b14-4bf4-9936-205028416ca7}\PlayTasks\0\Blasterball 3.lnk ("C:\Program Files (x86)\HP Games\Blasterball 3\BlasterBall3-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Cake Mania.lnk ("C:\Program Files (x86)\HP Games\Cake Mania\Cake Mania-WIRE.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\GameExplorer\{1187f9d7-48d4-4d09-bb9f-51951d10ea92}\PlayTasks\0\Wedding Dash.lnk ("C:\Program Files (x86)\HP Games\Wedding Dash\Wedding Dash-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chuzzle Deluxe.lnk ("C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Chuzzle Deluxe-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\GameExplorer\{203727b9-3ead-4178-bb5e-eaaf7beb9d38}\PlayTasks\0\Virtual Villagers - The Secret City.lnk ("C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Virtual Villagers - The Secret City-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Diner Dash 2 Restaurant Rescue.lnk ("C:\Program Files (x86)\HP Games\Diner Dash 2 Restaurant Rescue\Diner Dash 2 Restaurant Rescue-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Farm Frenzy.lnk ("C:\Program Files (x86)\HP Games\Farm Frenzy\Farm Frenzy-WIRE.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\GameExplorer\{26352374-af55-4b53-b07b-6b0288ed97df}\PlayTasks\0\provider.lnk (/id=26352374-af55-4b53-b07b-6b0288ed97df /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\FATE.lnk ("C:\Program Files (x86)\HP Games\FATE\Fate-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\GameExplorer\{3eda1e54-8889-41f5-a649-5a306789b7ef}\PlayTasks\0\provider.lnk (/id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Insaniquarium Deluxe.lnk ("C:\Program Files (x86)\HP Games\Insaniquarium Deluxe\Insaniquarium-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\GameExplorer\{4c62c261-4bc4-4df9-9107-4f91e6a38018}\PlayTasks\0\Diner Dash 2 Restaurant Rescue.lnk ("C:\Program Files (x86)\HP Games\Diner Dash 2 Restaurant Rescue\Diner Dash 2 Restaurant Rescue-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Quest II.lnk ("C:\Program Files (x86)\HP Games\Jewel Quest II\JewelQuest2-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\GameExplorer\{4eaa326b-dfb7-4e55-9075-8e91059e13f4}\PlayTasks\0\Jewel Quest Solitaire.lnk ("C:\Program Files (x86)\HP Games\Jewel Quest Solitaire\JQSolitaire-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Quest Solitaire.lnk ("C:\Program Files (x86)\HP Games\Jewel Quest Solitaire\JQSolitaire-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\John Deere Drive Green.lnk ("C:\Program Files (x86)\HP Games\John Deere Drive Green\DriveGreen1-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\GameExplorer\{4f4fa136-6ede-454c-9495-620e06dcb70f}\PlayTasks\0\Cake Mania.lnk ("C:\Program Files (x86)\HP Games\Cake Mania\Cake Mania-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games from HP Games.lnk (/id=977b5905-4d14-47f1-bbbf-7b92f596695d /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Penguins!.lnk ("C:\Program Files (x86)\HP Games\Penguins!\penguins-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Plants vs. Zombies.lnk ("C:\Program Files (x86)\HP Games\Plants vs. Zombies\Plants vs. Zombies-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\GameExplorer\{5fe74c0f-3b4e-4d19-ba1a-45d1ca676438}\PlayTasks\0\Bejeweled 2 Deluxe.lnk ("C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Bejeweled2-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Polar Bowler.lnk ("C:\Program Files (x86)\HP Games\Polar Bowler\Polar-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Slingo Deluxe.lnk ("C:\Program Files (x86)\HP Games\Slingo Deluxe\Slingo-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\GameExplorer\{72163237-ac8c-4e1e-8b47-278bee674c52}\PlayTasks\0\Insaniquarium Deluxe.lnk ("C:\Program Files (x86)\HP Games\Insaniquarium Deluxe\Insaniquarium-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Virtual Villagers - The Secret City.lnk ("C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Virtual Villagers - The Secret City-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Wedding Dash.lnk ("C:\Program Files (x86)\HP Games\Wedding Dash\Wedding Dash-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\GameExplorer\{8dde8af6-a947-49ea-8858-e46765d3acb9}\PlayTasks\0\Bounce Symphony.lnk ("C:\Program Files (x86)\HP Games\Bounce Symphony\bounce-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Zuma Deluxe.lnk ("C:\Program Files (x86)\HP Games\Zuma Deluxe\Zuma-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\GameExplorer\{93c5e4ca-9d35-4bd8-95b1-c7327601d483}\PlayTasks\0\Penguins!.lnk ("C:\Program Files (x86)\HP Games\Penguins!\penguins-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{961391a5-faff-4656-b639-9469eafbd166}\PlayTasks\0\Agatha Christie - Peril at End House.lnk ("C:\Program Files (x86)\HP Games\Agatha Christie - Peril at End House\Agatha Christie - Peril at End House-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{977b5905-4d14-47f1-bbbf-7b92f596695d}\PlayTasks\0\provider.lnk (/id=977b5905-4d14-47f1-bbbf-7b92f596695d /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Calendrier.lnk (calendar) C:\ProgramData\Microsoft\Windows\GameExplorer\{9d36fecf-a272-4632-a018-906223216b09}\PlayTasks\0\Polar Bowler.lnk ("C:\Program Files (x86)\HP Games\Polar Bowler\Polar-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contacts.lnk (contacts) C:\ProgramData\Microsoft\Windows\GameExplorer\{aa8c10e5-becb-40b2-8525-b97903d0da17}\PlayTasks\0\John Deere Drive Green.lnk ("C:\Program Files (x86)\HP Games\John Deere Drive Green\DriveGreen1-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Keynote.lnk (keynote) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Localiser mon iPhone.lnk (find) C:\ProgramData\Microsoft\Windows\GameExplorer\{c3c636e0-1b04-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk (/id=c3c636e0-1b04-11de-8c30-0800200c9a66 /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Mail.lnk (mail) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notes.lnk (notes) C:\ProgramData\Microsoft\Windows\GameExplorer\{c74d277e-834c-48ca-824d-f4f81f44f21e}\PlayTasks\0\Slingo Deluxe.lnk ("C:\Program Files (x86)\HP Games\Slingo Deluxe\Slingo-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Numbers.lnk (numbers) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Pages.lnk (pages) C:\ProgramData\Microsoft\Windows\GameExplorer\{d58eecb0-0816-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk (/id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{e5541345-a785-4e1e-906e-5bf6068ba4c0}\PlayTasks\0\Chuzzle Deluxe.lnk ("C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Chuzzle Deluxe-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Rappels.lnk (reminders) C:\ProgramData\Microsoft\Windows\GameExplorer\{f07a743d-54ae-4686-b920-3aa7f436091d}\PlayTasks\0\Build-a-Lot - The Elizabethan Era.lnk ("C:\Program Files (x86)\HP Games\Build-a-Lot - The Elizabethan Era\Buildalot5-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{f41abb66-f415-4c77-a2ae-917b23460332}\PlayTasks\0\FATE.lnk ("C:\Program Files (x86)\HP Games\FATE\Fate-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk (-tab about) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk (-tab update) C:\ProgramData\Microsoft\Windows\GameExplorer\{f64371e9-e863-40ab-8ecd-dbd1e79683bf}\PlayTasks\0\Plants vs. Zombies.lnk ("C:\Program Files (x86)\HP Games\Plants vs. Zombies\Plants vs. Zombies-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{fac60ee0-3e65-46c0-862e-52d1e16fa6d1}\PlayTasks\0\Farm Frenzy.lnk ("C:\Program Files (x86)\HP Games\Farm Frenzy\Farm Frenzy-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\GameExplorer\{fbf67141-5205-4000-b518-428ca7b6984a}\PlayTasks\0\Jewel Quest II.lnk ("C:\Program Files (x86)\HP Games\Jewel Quest II\JewelQuest2-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com\Desinstaller.lnk (/x {4E993C43-8E89-46A2-A89C-54A0CB5421DA}) C:\ProgramData\Microsoft\Windows\GameExplorer\{fdf91770-af7e-4c8d-bfd2-b40f6a1b7481}\PlayTasks\0\Zuma Deluxe.lnk ("C:\Program Files (x86)\HP Games\Zuma Deluxe\Zuma-WT.exe" /launchgc /src gameexploreroem) C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk (/name Microsoft.BackupAndRestore) C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk (startmenu) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Créez un site web.lnk (http://redirect.hp.com/svs/rdr?locale=fr_fr&c=none&bd=all&tp=onlinesvs&pf=cmdt&s=yola&TYPE=4) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Install HP Power Assistant.lnk (-exec /T:"c:\SWSETUP\APP\Applications\HP\HPPA\1.1\src\HPPA_Setup-1.1.1.6.exe" /L:"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Install HP Power Assistant.lnk") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk (/open) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Français)\Microsoft Excel Starter 2010.lnk ("Microsoft Excel Starter 2010 90140066040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Français)\Microsoft Word Starter 2010.lnk ("Microsoft Word Starter 2010 90140066040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Français)\Outils Microsoft Office 2010\Bibliothèque multimédia Microsoft.lnk ("Bibliothèque multimédia Microsoft 90140066040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Français)\Outils Microsoft Office 2010\Microsoft Office 2010 Centre de téléchargement.lnk ("Microsoft Office 2010 Centre de téléchargement 90140066040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Français)\Outils Microsoft Office 2010\Microsoft Office Picture Manager.lnk ("Microsoft Office Picture Manager 90140066040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk (%SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Français)\Outils Microsoft Office 2010\Microsoft Office Starter To-Go Device Manager 2010.lnk ("Microsoft Office Starter To-Go Device Manager 2010 90140066040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk (/res) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100M Genie\Désinstaller le logiciel NETGEAR WNA3100M .lnk (-GUID {D3580358-0F78-402A-BE53-2E9D06383E04} -L040c -z "-Remove") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk (-NoExit -ImportSystemModules) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\- HP Game Console -.lnk ("C:\Program Files (x86)\HP Games\HP Game Console\GameConsole-wt.exe" /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Agatha Christie - Peril at End House.lnk ("C:\Program Files (x86)\HP Games\Agatha Christie - Peril at End House\Agatha Christie - Peril at End House-WIRE.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Casual Games.lnk (/id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Enthusiast Games.lnk (/id=26352374-af55-4b53-b07b-6b0288ed97df /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Family Games.lnk (/id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Kids Games.lnk (/id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All MMO Games.lnk (/id=c3c636e0-1b04-11de-8c30-0800200c9a66 /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Bejeweled 2 Deluxe.lnk ("C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Bejeweled2-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Blasterball 3.lnk ("C:\Program Files (x86)\HP Games\Blasterball 3\BlasterBall3-WIRE.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Bounce Symphony.lnk ("C:\Program Files (x86)\HP Games\Bounce Symphony\bounce-WIRE.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Build-a-Lot - The Elizabethan Era.lnk ("C:\Program Files (x86)\HP Games\Build-a-Lot - The Elizabethan Era\Buildalot5-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Cake Mania.lnk ("C:\Program Files (x86)\HP Games\Cake Mania\Cake Mania-WIRE.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Désinstaller QuickTime.lnk (/i {FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} /qf) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chuzzle Deluxe.lnk ("C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Chuzzle Deluxe-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Diner Dash 2 Restaurant Rescue.lnk ("C:\Program Files (x86)\HP Games\Diner Dash 2 Restaurant Rescue\Diner Dash 2 Restaurant Rescue-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Farm Frenzy.lnk ("C:\Program Files (x86)\HP Games\Farm Frenzy\Farm Frenzy-WIRE.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\FATE.lnk ("C:\Program Files (x86)\HP Games\FATE\Fate-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Insaniquarium Deluxe.lnk ("C:\Program Files (x86)\HP Games\Insaniquarium Deluxe\Insaniquarium-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk () ��Hp<�Hq<*�I3WNA3100Mb2�B~E ~ WNA3100M.exeF��Hp<�Hp<* J$WN C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Quest II.lnk ("C:\Program Files (x86)\HP Games\Jewel Quest II\JewelQuest2-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Quest Solitaire.lnk ("C:\Program Files (x86)\HP Games\Jewel Quest Solitaire\JQSolitaire-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\John Deere Drive Green.lnk ("C:\Program Files (x86)\HP Games\John Deere Drive Green\DriveGreen1-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games from HP Games.lnk (/id=977b5905-4d14-47f1-bbbf-7b92f596695d /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Penguins!.lnk ("C:\Program Files (x86)\HP Games\Penguins!\penguins-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Plants vs. Zombies.lnk ("C:\Program Files (x86)\HP Games\Plants vs. Zombies\Plants vs. Zombies-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Polar Bowler.lnk ("C:\Program Files (x86)\HP Games\Polar Bowler\Polar-WT.exe" /launchgc /src gamesmenuoem) ---------- | AppCertDlls | AppInit_DLLs C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Slingo Deluxe.lnk ("C:\Program Files (x86)\HP Games\Slingo Deluxe\Slingo-WT.exe" /launchgc /src gamesmenuoem) ---------- | Dnsapi.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Virtual Villagers - The Secret City.lnk ("C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Virtual Villagers - The Secret City-WT.exe" /launchgc /src gamesmenuoem) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Wedding Dash.lnk ("C:\Program Files (x86)\HP Games\Wedding Dash\Wedding Dash-WT.exe" /launchgc /src gamesmenuoem) C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Zuma Deluxe.lnk ("C:\Program Files (x86)\HP Games\Zuma Deluxe\Zuma-WT.exe" /launchgc /src gamesmenuoem) C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Control Panel\Desktop] "ScreenSaveActive"=0 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=0 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "ScreenSaverIsSecure"=1 "UserPreferencesMask"=0x9E3E078012000000 "Wallpaper"=C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg [30/06/2011 18:06:35] "WaitToKillAppTimeout"=200 [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003028000000000000000000000000000001000000120000000000000022000000 "CleanShutdown"=0 "Browse For Folder Width"=347 "Browse For Folder Height"=328 "link"=0x1E000000 "IconUnderline"=3 [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "SuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=4 "Start_ShowMyGames"=0 "TaskbarSizeMove"=1 "ShowSuperHidden"=0 ""=0 [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0xFFFFFFFF [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "EnableSecureUIAPath"=1 "SoftwareSASGeneration"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Calendrier.lnk (calendar) [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=19 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "EnableSecureUIAPath"=1 "SoftwareSASGeneration"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=160 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=7601 "FirstLogon"=0 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Userinit"=C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "WinStationsDisabled"=0 "DisableCAD"=1 "scremoveoption"=0 "ShutdownFlags"=43 "AutoAdminLogon"=0 "DefaultUserName"=Christine [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultDomainName"= "DefaultUserName"= "Userinit"=userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 ---------- | Associations C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contacts.lnk (contacts) [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "SIGN.IE=0530D048 vpsupd.exe"=1 "SIGN.MEDIA=92344B6 install.exe"=1 "C:\Users\Christine\Downloads\chromeinstall-7u21.exe"=1 "C:\Program Files (x86)\LamyCD\LamyAccueil.exe"=1 "SIGN.IE=0998CC0 mmplugin563i-install.exe"=1 "SIGN.IE=068B7FD ZHPDiag2.exe"=1 "C:\Users\Christine\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe"=1 "C:\Users\Christine\Downloads\ccsetup413 (1).exe"=1 "C:\Users\Christine\Downloads\MuseScore-1.3.exe"=1 "C:\Users\Christine\Downloads\Piano-Virtuel-Midi-setup-6.1.exe"=1 "C:\Users\Christine\Downloads\QuickTimeInstaller.exe"=1 "C:\Users\Christine\Downloads\ZHPDiag2.exe"=1 "C:\Users\Christine\Downloads\ZHPDiag2 (1).exe"=1 "C:\Users\Christine\Downloads\ZHPDiag2 (2).exe"=1 "C:\Users\Christine\Downloads\QuickTimeInstaller (1).exe"=1 "C:\Program Files (x86)\ZHPDiag\ZHPhep.exe"=1 "C:\Users\Christine\Downloads\mbam-setup-2.0.4.1028.exe"=1 "C:\Users\Christine\Downloads\QuickTimeInstaller (2).exe"=1 "C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe"=1 "C:\Users\Christine\Downloads\icloudsetup.exe"=1 "C:\Users\Christine\Downloads\wlsetup-web(1).exe"=1 ---------- | IFEO ---------- | Mountpoints2 [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{66e9e969-1d47-11e0-85ee-806e6f6e6963}] : E:\autostart.exe (AutoRun) ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Keynote.lnk (keynote) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Localiser mon iPhone.lnk (find) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Mail.lnk (mail) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notes.lnk (notes) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Numbers.lnk (numbers) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Pages.lnk (pages) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Rappels.lnk (reminders) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk (-tab about) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk (-tab update) "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=128920218544262440 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=0 "ProductStatus"=0 "InstallTime"=0x1721AE1F3BB1CB01 [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ---------- | Winsock (Whitelist) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com\Desinstaller.lnk (/x {4E993C43-8E89-46A2-A89C-54A0CB5421DA}) ---------- | Hosts 127.0.0.1 localhost ::1 localhost ---------- | @ [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\SysWOW64\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "XMLHTTP"=1 "NoUpdateCheck"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "NotifyDownloadComplete"=yes "Check_Associations"=yes "AlwaysShowMenus"=0 "DisableScriptDebuggerIE"=yes "IconCache"=rrwsjes "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0xD994113B0125CF01 "IE10TourShown"=1 "IE10TourShownTime"=0xFCC32B3B0125CF01 "DownloadWindowPlacement"=0x2C00000000000000000000000083FFFF0083FFFFFFFFFFFFFFFFFFFF10010000D500000090030000B5020000 "DefSpellLang"=fr-FR "Search Bar"=http://www.google.com/ "ImageStoreRandomFolder"=pscvucu "IE10RunOnceLastShown"=0 "DoNotTrack"=0 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "FormSuggest Passwords"=yes "FormSuggest PW Ask"=yes "ScriptDebugger_EnableHiddenTabs"=0 "StatusBarWeb"=1 "ForceGDIPlus"=0 "ShutdownWaitForOnUnload"=0 "DNSPreresolution"=8 "SpellChecking"=1 "LangToolsBroker"={5bbd58bb-993e-4c17-8af6-3af8e908fca8} "DisablePasswordReveal"=0 "DisableRequiresActiveXPrompt"= "GotoIntranetSiteForSingleWordEntry"=0 "AutoSearch"=1 "SuppressScriptDebuggerDialog"=0 "PredictedViewExpansion"=100 "PredictedViewChangeThreshold"=10 "PredictedViewChangeThresholdPaint"=10 "ContentLayerCacheExpansion"=300 "RenderingLoopMaxTime"=250 "NscSingleExpand"=0 "Error Dlg Displayed On Every Error"=no "Friendly http errors"=yes "CSS_Compat"=doctype "Expand Alt Text"=no "Display Inline Videos"=1 "Print_Background"=no "Use Stylesheets"=1 "SmoothScroll"=1 "Show image placeholders"=0 "Disable Diagnostics Mode"=no "Move System Caret"=no "Enable AutoImageResize"=yes "UseThemes"=1 "UseHR"=0 "Q300829"=0 "Cleanup HTCs"=0 "XDomainRequest"=1 "DOMStorage"=1 "EnableAlternativeCodec"=yes "JScriptProfileCacheEventDelay"=5000 "CrossfadeMinTimeoutInMS"=30000 "CrossfadeMaxTimeoutInMS"=30000 "CrossfadeCurrentTimeoutInMS"=30000 "ScrollTimeoutInMS"=6000 "IE10TourNoShow"=0 "IE10RecommendedSettingsNo"=0 "FrameTabWindow"=1 "AdminTabProcs"=1 "SessionMerging"=1 "FrameMerging"=1 "HangRecovery"=1 "DesktopTransparentCoverWindowTime"=8 "TSEnable"=1 "Isolation"=PMIL "Isolation64Bit"=0 "IsolationImmersive"=PMEM "TabShutdownDelay"=60000 "FrameShutdownDelay"=0 "MinIEEnabled"=1 "RefcountTracker"=0 "TabDragOnSingleProc"=0 "ForceBFCacheCandidacyPass"=0 "Fasterback"=1 "BackForwardInstrumentation"=0 "OperationalData"=5 "FullScreen"=no "Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6E01000006000000DE040000B4000000 "CompatibilityFlags"=0 "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP "PlaySounds"=0 "UseSWRender"=0 "MixedContentBlockImages"=0 "Use FormSuggest"=no "AutoHide"=yes "Start Page_TIMESTAMP"=0x1E41866575A1D101 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"= "Start Page Redirect Cache"=http://www.msn.com/fr-fr/?pc=UE07&ocid=UE07DHP "Start Page Redirect Cache_TIMESTAMP"=0xE5DC4340F8F6D101 "Start Page Redirect Cache AcceptLangs"=fr-FR [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=IEUser@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=2688 "PrivacyAdvanced"=0 "ZonesSecurityUpgrade"=0x8661F178C7F8CE01 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "CertificateRevocation"=1 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "EnableAutodial"=0 "NoNetAutodial"=0 "GlobalUserOffline"=0 "SyncMode5"=4 "ProxyHttp1.1"=0 "EnableSPDY3_0"=0 "BackgroundConnections"=1 "EnablePunycode"=1 "ShowPunycode"=0 "CreateUriCacheSize"=80 "CoInternetCombineIUriCacheSize"=80 "SecurityIdIUriCacheSize"=30 "SpecialFoldersCacheSize"=8 "DisableIDNPrompt"=0 "EnforceP3PValidity"=0 "WarnOnPostRedirect"=1 "WarnonBadCertRecving"=1 "ProxyOverride"=*.local [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157 "Local Page"=C:\Windows\SysWOW64\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Check_Associations"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157 "Local Page"=C:\Windows\SysWOW64\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Check_Associations"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Tabs"=res://ieframe.dll/tabswelcome.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ---------- | reparsepoint C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk (/name Microsoft.BackupAndRestore) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Français)\Microsoft Excel Starter 2010.lnk ("Microsoft Excel Starter 2010 90140066040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Français)\Microsoft Word Starter 2010.lnk ("Microsoft Word Starter 2010 90140066040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Français)\Outils Microsoft Office 2010\Bibliothèque multimédia Microsoft.lnk ("Bibliothèque multimédia Microsoft 90140066040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Français)\Outils Microsoft Office 2010\Microsoft Office 2010 Centre de téléchargement.lnk ("Microsoft Office 2010 Centre de téléchargement 90140066040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Français)\Outils Microsoft Office 2010\Microsoft Office Picture Manager.lnk ("Microsoft Office Picture Manager 90140066040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Français)\Outils Microsoft Office 2010\Microsoft Office Starter To-Go Device Manager 2010.lnk ("Microsoft Office Starter To-Go Device Manager 2010 90140066040C0000") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100M Genie\Désinstaller le logiciel NETGEAR WNA3100M .lnk (-GUID {D3580358-0F78-402A-BE53-2E9D06383E04} -L040c -z "-Remove") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Désinstaller QuickTime.lnk (/i {FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} /qf) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk () ��Hp<�Hq<*�I3WNA3100Mb2�B~E ~ WNA3100M.exeF��Hp<�Hp<* J$WN ---------- | AppCertDlls | AppInit_DLLs ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Control Panel\Desktop] "ScreenSaveActive"=0 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=0 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "ScreenSaverIsSecure"=1 "UserPreferencesMask"=0x9E3E078012000000 "Wallpaper"=C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg [30/06/2011 18:06:35] "WaitToKillAppTimeout"=200 [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003028000000000000000000000000000001000000120000000000000022000000 "CleanShutdown"=0 "Browse For Folder Width"=347 "Browse For Folder Height"=328 "link"=0x1E000000 "IconUnderline"=3 [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "SuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=4 "Start_ShowMyGames"=0 "TaskbarSizeMove"=1 "ShowSuperHidden"=0 ""=0 [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0xFFFFFFFF [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "EnableSecureUIAPath"=1 "SoftwareSASGeneration"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=19 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "EnableSecureUIAPath"=1 "SoftwareSASGeneration"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=160 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=7601 "FirstLogon"=0 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Userinit"=C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "WinStationsDisabled"=0 "DisableCAD"=1 "scremoveoption"=0 "ShutdownFlags"=43 "AutoAdminLogon"=0 "DefaultUserName"=Christine [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultDomainName"= "DefaultUserName"= "Userinit"=userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "SIGN.IE=0530D048 vpsupd.exe"=1 "SIGN.MEDIA=92344B6 install.exe"=1 "C:\Users\Christine\Downloads\chromeinstall-7u21.exe"=1 "C:\Program Files (x86)\LamyCD\LamyAccueil.exe"=1 "SIGN.IE=0998CC0 mmplugin563i-install.exe"=1 "SIGN.IE=068B7FD ZHPDiag2.exe"=1 "C:\Users\Christine\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe"=1 "C:\Users\Christine\Downloads\ccsetup413 (1).exe"=1 "C:\Users\Christine\Downloads\MuseScore-1.3.exe"=1 "C:\Users\Christine\Downloads\Piano-Virtuel-Midi-setup-6.1.exe"=1 "C:\Users\Christine\Downloads\QuickTimeInstaller.exe"=1 "C:\Users\Christine\Downloads\ZHPDiag2.exe"=1 "C:\Users\Christine\Downloads\ZHPDiag2 (1).exe"=1 "C:\Users\Christine\Downloads\ZHPDiag2 (2).exe"=1 "C:\Users\Christine\Downloads\QuickTimeInstaller (1).exe"=1 "C:\Program Files (x86)\ZHPDiag\ZHPhep.exe"=1 "C:\Users\Christine\Downloads\mbam-setup-2.0.4.1028.exe"=1 "C:\Users\Christine\Downloads\QuickTimeInstaller (2).exe"=1 "C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe"=1 "C:\Users\Christine\Downloads\icloudsetup.exe"=1 "C:\Users\Christine\Downloads\wlsetup-web(1).exe"=1 ---------- | IFEO ---------- | Mountpoints2 [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{66e9e969-1d47-11e0-85ee-806e6f6e6963}] : E:\autostart.exe (AutoRun) ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=128920218544262440 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=0 "ProductStatus"=0 "InstallTime"=0x1721AE1F3BB1CB01 [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ---------- | Winsock (Whitelist) ---------- | Hosts 127.0.0.1 localhost ::1 localhost ---------- | @ [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\SysWOW64\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "XMLHTTP"=1 "NoUpdateCheck"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "NotifyDownloadComplete"=yes "Check_Associations"=yes "AlwaysShowMenus"=0 "DisableScriptDebuggerIE"=yes "IconCache"=rrwsjes "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0xD994113B0125CF01 "IE10TourShown"=1 "IE10TourShownTime"=0xFCC32B3B0125CF01 "DownloadWindowPlacement"=0x2C00000000000000000000000083FFFF0083FFFFFFFFFFFFFFFFFFFF10010000D500000090030000B5020000 "DefSpellLang"=fr-FR "Search Bar"=http://www.google.com/ "ImageStoreRandomFolder"=pscvucu "IE10RunOnceLastShown"=0 "DoNotTrack"=0 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "FormSuggest Passwords"=yes "FormSuggest PW Ask"=yes "ScriptDebugger_EnableHiddenTabs"=0 "StatusBarWeb"=1 "ForceGDIPlus"=0 "ShutdownWaitForOnUnload"=0 "DNSPreresolution"=8 "SpellChecking"=1 "LangToolsBroker"={5bbd58bb-993e-4c17-8af6-3af8e908fca8} "DisablePasswordReveal"=0 "DisableRequiresActiveXPrompt"= "GotoIntranetSiteForSingleWordEntry"=0 "AutoSearch"=1 "SuppressScriptDebuggerDialog"=0 "PredictedViewExpansion"=100 "PredictedViewChangeThreshold"=10 "PredictedViewChangeThresholdPaint"=10 "ContentLayerCacheExpansion"=300 "RenderingLoopMaxTime"=250 "NscSingleExpand"=0 "Error Dlg Displayed On Every Error"=no "Friendly http errors"=yes "CSS_Compat"=doctype "Expand Alt Text"=no "Display Inline Videos"=1 "Print_Background"=no "Use Stylesheets"=1 "SmoothScroll"=1 "Show image placeholders"=0 "Disable Diagnostics Mode"=no "Move System Caret"=no "Enable AutoImageResize"=yes "UseThemes"=1 "UseHR"=0 "Q300829"=0 "Cleanup HTCs"=0 "XDomainRequest"=1 "DOMStorage"=1 "EnableAlternativeCodec"=yes "JScriptProfileCacheEventDelay"=5000 "CrossfadeMinTimeoutInMS"=30000 "CrossfadeMaxTimeoutInMS"=30000 "CrossfadeCurrentTimeoutInMS"=30000 "ScrollTimeoutInMS"=6000 "IE10TourNoShow"=0 "IE10RecommendedSettingsNo"=0 "FrameTabWindow"=1 "AdminTabProcs"=1 "SessionMerging"=1 "FrameMerging"=1 "HangRecovery"=1 "DesktopTransparentCoverWindowTime"=8 "TSEnable"=1 "Isolation"=PMIL "Isolation64Bit"=0 "IsolationImmersive"=PMEM "TabShutdownDelay"=60000 "FrameShutdownDelay"=0 "MinIEEnabled"=1 "RefcountTracker"=0 "TabDragOnSingleProc"=0 "ForceBFCacheCandidacyPass"=0 "Fasterback"=1 "BackForwardInstrumentation"=0 "OperationalData"=5 "FullScreen"=no "Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6E01000006000000DE040000B4000000 "CompatibilityFlags"=0 "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP "PlaySounds"=0 "UseSWRender"=0 "MixedContentBlockImages"=0 "Use FormSuggest"=no "AutoHide"=yes "Start Page_TIMESTAMP"=0x1E41866575A1D101 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"= "Start Page Redirect Cache"=http://www.msn.com/fr-fr/?pc=UE07&ocid=UE07DHP "Start Page Redirect Cache_TIMESTAMP"=0xE5DC4340F8F6D101 "Start Page Redirect Cache AcceptLangs"=fr-FR [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=IEUser@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=2688 "PrivacyAdvanced"=0 "ZonesSecurityUpgrade"=0x8661F178C7F8CE01 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "CertificateRevocation"=1 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "EnableAutodial"=0 "NoNetAutodial"=0 "GlobalUserOffline"=0 "SyncMode5"=4 "ProxyHttp1.1"=0 "EnableSPDY3_0"=0 "BackgroundConnections"=1 "EnablePunycode"=1 "ShowPunycode"=0 "CreateUriCacheSize"=80 "CoInternetCombineIUriCacheSize"=80 "SecurityIdIUriCacheSize"=30 "SpecialFoldersCacheSize"=8 "DisableIDNPrompt"=0 "EnforceP3PValidity"=0 "WarnOnPostRedirect"=1 "WarnonBadCertRecving"=1 "ProxyOverride"=*.local [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157 "Local Page"=C:\Windows\SysWOW64\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Check_Associations"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157 "Local Page"=C:\Windows\SysWOW64\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Check_Associations"=yes "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate_win7.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Tabs"=res://ieframe.dll/tabswelcome.htm "Compat"=res://mshtml.dll/compat.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] : igfxdev.dll [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP] : DeviceNP.dll ---------- | SSODL | SEH | URLSH | STS ---------- | Toolbar [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 "ShowDiscussionButton"=Yes [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Layout"=0x13000000000000000000000020000000100001003400000001000000000700005E010000060000000101000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000B1C218236549D4119B18009027A5CD4F0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height"=54 "ITBar7Layout64"=0x13000000000000000000000030000000100003003100000001000000000700005E0100000600000001010000000000000700000001010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007B228A319F5EBD4589997F8F10CA4CF5B1C218236549D4119B18009027A5CD4F00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height64"=49 "{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=0xB1C218236549D4119B18009027A5CD4F [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "UpgradeTime"=0x04B23B08E0EECF01 "TopResult"=1 "ShowSearchSuggestionsGlobal"=1 "ShowSearchSuggestionsInAddressGlobal"=1 "KnownProvidersUpgradeTime"=0x1855503E0125CF01 "Version"=4 "DefaultPackCorrection"=1 "DefaultPackNTCorrection"=1 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=0x00 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=0x00 [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{25510184-5A38-4A99-B273-DCA8EEF6CD08}] : (@C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Skype for Business Click to Call) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}] : (@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{25510184-5A38-4A99-B273-DCA8EEF6CD08}] : (@C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] ---------- | SearchScopes [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC : [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}] -> (HP ProtectTools Security Manager Extension) : c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [23/01/2010 00:30:54] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [30/06/2015 17:46:40] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Programme d’aide de l’Assistant de connexion au compte Microsoft) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [17/07/2012 15:51:50] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] -> (Google Toolbar Helper) : C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [01/05/2013 20:51:26] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] -> (Office Document Cache Handler) : C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [19/08/2016 08:50:48] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] -> (HP Network Check Helper) : C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [28/08/2013 03:28:26] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}] -> (File Sanitizer for HP ProtectTools) : c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [12/12/2009 03:57:58] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}] -> (HP ProtectTools Security Manager Extension) : c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [23/01/2010 00:30:54] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre7\bin\ssv.dll [16/03/2014 13:15:16] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [30/06/2015 17:46:40] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Programme d’aide de l’Assistant de connexion au compte Microsoft) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [17/07/2012 15:51:50] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] -> (Google Toolbar Helper) : C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [01/05/2013 20:51:26] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] -> (Office Document Cache Handler) : C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [19/08/2016 08:50:48] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [16/03/2014 13:15:15] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] -> (HP Network Check Helper) : C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [28/08/2013 03:28:26] ---------- | Chrome C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki] ---------- | Opera ---------- | Firefox [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "otis@digitalpersona.com"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin] - (Facebook Video Calling Plugin) : C:\Users\Christine\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0] - (Unity Player 3.5.0f5) : C:\Users\Christine\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Apple.com/iTunes,version=] - (Module iTunes Detector) : [HKLM\Software\WOW6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0] - () : C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\tbgizrkn.default\Prefs.js user_pref("browser.startup.homepage_override.buildID", "20160604131506"); user_pref("browser.startup.homepage_override.mstone", "47.0"); user_pref("extensions.blocklist.pingCountTotal", 45); user_pref("extensions.blocklist.pingCountVersion", 9); user_pref("extensions.bootstrappedAddons", "{\"loop@mozilla.org\":{\"version\":\"1.3.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"e10srollout@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"firefox@getpocket.com\":{\"version\":\"1.0.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true}}"); user_pref("extensions.databaseSchema", 17); user_pref("extensions.e10sBlockedByAddons", false); user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:47.0"); user_pref("extensions.getAddons.cache.lastUpdate", 1471691973); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.hotfix.lastVersion", "20160106.01"); user_pref("extensions.lastAppVersion", "47.0"); user_pref("extensions.lastPlatformVersion", "47.0"); user_pref("extensions.pendingOperations", false); user_pref("extensions.shownSelectionUI", true); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.ui.dictionary.hidden", true); user_pref("extensions.ui.experiment.hidden", true); user_pref("extensions.ui.lastCategory", "addons://discover/"); user_pref("extensions.ui.locale.hidden", true); user_pref("extensions.xpiState", "{\"app-system-defaults\":{\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1465814247975},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.2\",\"st\":1465814247973},\"loop@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"e\":true,\"v\":\"1.3.2\",\"st\":1465814247965}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"47.0\",\"st\":1465814248005}},\"winreg-app-global\":{\"otis@digitalpersona.com\":{\"d\":\"c:\\\\Program Files (x86)\\\\Hewlett-Packard\\\\HP ProtectTools Security Manager\\\\Bin\\\\FirefoxExt\",\"e\":false,\"v\":\"5.0.0.4218\",\"st\":1294715151866,\"mt\":1264199540000},\"wrc@avast.com\":{\"d\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"e\":false,\"v\":\"10.3.3.13\",\"st\":1449767245344,\"mt\":1449767244299}}}"); ---------- | Active Connections TCP 127.0.0.1:5354 Christine-HP:49159 ESTABLISHED 1800 TCP 127.0.0.1:5354 Christine-HP:49160 ESTABLISHED 1800 TCP 127.0.0.1:27015 Christine-HP:49184 ESTABLISHED 1780 TCP 127.0.0.1:49159 Christine-HP:5354 ESTABLISHED 1780 TCP 127.0.0.1:49160 Christine-HP:5354 ESTABLISHED 1780 TCP 127.0.0.1:49184 Christine-HP:27015 ESTABLISHED 2620 TCP 127.0.0.1:50149 Christine-HP:50150 ESTABLISHED 7044 TCP 127.0.0.1:50150 Christine-HP:50149 ESTABLISHED 7044 TCP 192.168.0.10:50557 lon13.ff.avast.com:http ESTABLISHED 1244 ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=89.2.0.1 89.2.0.2 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{027561EA-BD5E-44FA-BD2E-3FE3EB40758A}] "DhcpNameServer"=172.20.10.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{0E5CB0DA-2309-4323-91DF-26BC61985207}] "DhcpNameServer"=89.2.0.1 89.2.0.2 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7A249C16-6580-495A-8692-DFB08537D5CE}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{027561EA-BD5E-44FA-BD2E-3FE3EB40758A}] "DhcpNameServer"=172.20.10.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{0E5CB0DA-2309-4323-91DF-26BC61985207}] "DhcpNameServer"=89.2.0.1 89.2.0.2 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7A249C16-6580-495A-8692-DFB08537D5CE}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{027561EA-BD5E-44FA-BD2E-3FE3EB40758A}] "DhcpNameServer"=172.20.10.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0E5CB0DA-2309-4323-91DF-26BC61985207}] "DhcpNameServer"=89.2.0.1 89.2.0.2 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7A249C16-6580-495A-8692-DFB08537D5CE}] "DhcpNameServer"=192.168.1.1 ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\iTunes.exe] : "C:\Program Files\iTunes\iTunes.exe" /open "%L" [HKLM\SOFTWARE\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\MSOXMLED.EXE] : "C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\MSOXMLED.EXE" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iTunes.exe] : "C:\Program Files\iTunes\iTunes.exe" /open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MSOXMLED.EXE] : "C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\MSOXMLED.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | Svchost - Netsvcs (Whitelisted) Term - : ---------- | Software [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Adobe] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\AppDataLow] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Apple Computer, Inc.] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Apple Inc.] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\AVAST Software] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Brother] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Chris Hills] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Clients] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\CyberLink] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\DigitalPersona] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Facebook] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\FileHippo.com] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Google] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Hewlett-Packard] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\HP] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\HPKEYBOARD] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\IM Providers] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\ImageViewer] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Intel] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\JavaSoft] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\JWPlugins] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\kde.org] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\KeyBoardLED_status] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Licenses] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Macromedia] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\MakeMusic] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Malwarebytes' Anti-Malware] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Mozilla] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\MozillaPlugins] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Musitek] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\MyDefrag] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\NETGEAR] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Netscape] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\ODBC] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\OpenOffice.org] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\PDFComplete] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Piriform] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Policies] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Pvm] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Skype] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\SkypeRS] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\sysinternals] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Trolltech] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Unity] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\VSRevoGroup] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Wow6432Node] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\ZebHelpProcess Helper] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\AppDataLow\Software\Adobe] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\AppDataLow\Software\JavaSoft] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\AppDataLow\Software\Macromedia] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\AppDataLow\Software\Unity] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\ATI Technologies] [HKLM\Software\Brother] [HKLM\Software\Clients] [HKLM\Software\cybelsoft] [HKLM\Software\Cyberlink] [HKLM\Software\DigitalPersona] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IM Providers] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\MozillaPlugins] [HKLM\Software\NETGEAR] [HKLM\Software\ODBC] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SafeBoot International] [HKLM\Software\Sonic] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\Wow6432Node] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GPSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AdwCleaner] [HKLM\Software\WOW6432Node\AppDataLow] [HKLM\Software\WOW6432Node\Apple Computer, Inc.] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\Brother] [HKLM\Software\WOW6432Node\Corel] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\DigitalPersona] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Hewlett-Packard] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\InterVideo] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Lake] [HKLM\Software\WOW6432Node\LEDPointer] [HKLM\Software\WOW6432Node\Licenses] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\MimarSinan] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Myriad Software] [HKLM\Software\WOW6432Node\NETGEAR] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OpenOffice.org] [HKLM\Software\WOW6432Node\PDFComplete] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\RtWLan] [HKLM\Software\WOW6432Node\SafeBoot International] [HKLM\Software\WOW6432Node\SERCOMM] [HKLM\Software\WOW6432Node\Shortcut_Module] [HKLM\Software\WOW6432Node\Skype] [HKLM\Software\WOW6432Node\Sun Microsystems] [HKLM\Software\WOW6432Node\Symantec] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\Werner Schweer and Others] [HKLM\Software\WOW6432Node\WildTangent] [HKLM\Software\WOW6432Node\Windows] [HKLM\Software\WOW6432Node\WSWNA3100M] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | Drives E: [13/10/2012 11:41:08] - |R| - (.Copyright (C) 2012 - EncryptD 动态链接库.) - [190976] - (1.0.0.1) - E:\EncryptDll.dll [13/10/2012 11:41:08] - |R| - (.-.) - [2537472] - (4.7.0.0) - E:\QtCore4.dll [13/10/2012 11:41:08] - |R| - (.-.) - [2952704] - (4.7.0.0) - E:\QtDeclarative4.dll [13/10/2012 11:41:08] - |R| - (.-.) - [9814016] - (4.7.0.0) - E:\QtGui4.dll [13/10/2012 11:41:08] - |R| - (.-.) - [1140224] - (4.7.0.0) - E:\QtNetwork4.dll [13/10/2012 11:41:08] - |R| - (.-.) - [2173952] - (4.7.0.0) - E:\QtScript4.dll [13/10/2012 11:41:08] - |R| - (.-.) - [270848] - (4.7.0.0) - E:\QtSql4.dll [13/10/2012 11:41:08] - |R| - (.-.) - [399360] - (4.7.0.0) - E:\QtXml4.dll [13/10/2012 11:41:08] - |R| - (.-.) - [4009472] - (4.7.0.0) - E:\QtXmlPatterns4.dll [13/10/2012 11:41:08] - |R| - (.-.) - [43008] - (0.0.0.0) - E:\libgcc_s_dw2-1.dll [05/01/2013 20:57:52] - |R| - (.© Microsoft Corporation. - MFCDLL Shared Library - Retail Version.) - [3780424] - (9.0.30729.4974) - E:\mfc90u.dll [13/10/2012 11:41:08] - |R| - (.-.) - [11362] - (0.0.0.0) - E:\mingwm10.dll [05/01/2013 20:57:50] - |R| - (.© Microsoft Corporation. - Microsoft® C++ Runtime Library.) - [569680] - (9.0.30729.4974) - E:\msvcp90.dll [05/01/2013 20:57:50] - |R| - (.© Microsoft Corporation. - Microsoft® C Runtime Library.) - [653136] - (9.0.30729.4974) - E:\msvcr90.dll [23/08/2013 15:12:34] - |R| - (.(C) NETGEAR Inc. All rights reserved - CD Navigator.) - [313344] - (1.0.0.2) - E:\autostart.exe [29/08/2012 17:30:02] - |R| - (.-.) - [51] - (0.0.0.0) - E:\autorun.inf D: [30/06/2011 18:00:41] - |ASH| - (.-.) - [44] - (0.0.0.0) - D:\language.ini ---------- | C: [11/01/2011 05:30:42] - |SHD| - [387] - C:\$RECYCLE.BIN [16/09/2015 12:42:17] - |HD| - [168408666] - C:\$Windows.~BT [09/02/2014 17:12:52] - |D| - [96159017] - C:\595fab4959d6081bcf9f [11/02/2015 04:10:14] - |D| - [48235432] - C:\9e98d1bdb2b7045a396be6ffb17107 [09/03/2016 22:12:36] - |D| - [0] - C:\a8e58e82398864d025 [26/04/2014 17:53:03] - |D| - [4773691] - C:\AdwCleaner [MD5.55241DDC9A3C9DD0EBECAF78D4A767D7] - [02/02/2014 16:04:38] - |A| - (.© Microsoft Corporation. - ATL Module for Windows (Unicode).) - [179704] - (9.0.21022.8) - C:\atl90.dll.21022.08.Microsoft_VC90_ATL_x64.RTM [MD5.D41D8CD98F00B204E9800998ECF8427E] - [02/02/2014 13:55:59] - |A| - (.-.) - [0] - (0.0.0.0) - C:\autoexec.bat [28/03/2016 23:45:54] - |D| - [0] - C:\AVAST Software [MD5.40A42D7D26857D16505E01405623952F] - [24/07/2009 22:14:22] - |RASH| - (.-.) - [8192] - (0.0.0.0) - C:\BOOTSECT.BAK [MD5.C6322344B0A408F1A43588DF3793C6A0] - [02/02/2014 16:04:41] - |A| - (.-.) - [9749] - (0.0.0.0) - C:\catalog.21022.08.Microsoft_VC90_ATL_x64.RTM [MD5.378E43013CEAAC08368673B7D9FD97E6] - [02/02/2014 16:04:41] - |A| - (.-.) - [9749] - (0.0.0.0) - C:\catalog.21022.08.Microsoft_VC90_CRT_x64.RTM [MD5.F8ECAB2B5B9DDF2882755ADC0011A52F] - [02/02/2014 16:04:41] - |A| - (.-.) - [9762] - (0.0.0.0) - C:\catalog.21022.08.Microsoft_VC90_MFCLOC_x64.RTM [MD5.17231C39921FDDAC457AAECA2A53788D] - [02/02/2014 16:04:41] - |A| - (.-.) - [9749] - (0.0.0.0) - C:\catalog.21022.08.Microsoft_VC90_MFC_x64.RTM [MD5.427E8A8E4E4FB58211A2049489C3E241] - [02/02/2014 16:04:41] - |A| - (.-.) - [9762] - (0.0.0.0) - C:\catalog.21022.08.Microsoft_VC90_OpenMP_x64.RTM [MD5.0B843655AA7B0B08211CF61DBF19148E] - [02/02/2014 16:04:42] - |A| - (.-.) - [9798] - (0.0.0.0) - C:\catalog.21022.08.policy_9_0_Microsoft_VC90_ATL_x64.RTM [MD5.BAA51153C78683E7E8F18FBD2F2FEBA3] - [02/02/2014 16:04:42] - |A| - (.-.) - [9798] - (0.0.0.0) - C:\catalog.21022.08.policy_9_0_Microsoft_VC90_CRT_x64.RTM [MD5.E5CEB5B826310298CEA55C22AB26DC52] - [02/02/2014 16:04:42] - |A| - (.-.) - [9810] - (0.0.0.0) - C:\catalog.21022.08.policy_9_0_Microsoft_VC90_MFCLOC_x64.RTM [MD5.5F869A9BF9CAF3B793C5C5922EE47A35] - [02/02/2014 16:04:42] - |A| - (.-.) - [9798] - (0.0.0.0) - C:\catalog.21022.08.policy_9_0_Microsoft_VC90_MFC_x64.RTM [MD5.3FD5FF5DA4CBCE06A0EFF4CF86699929] - [02/02/2014 16:04:42] - |A| - (.-.) - [9810] - (0.0.0.0) - C:\catalog.21022.08.policy_9_0_Microsoft_VC90_OpenMP_x64.RTM [MD5.8F54B8D85B54B04003F21A6555CE3F5D] - [09/03/2014 10:34:45] - |A| - (.-.) - [2195] - (0.0.0.0) - C:\DelFix.txt [14/07/2009 07:08:56] - |SHD| - [0] - C:\Documents and Settings [MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 08:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1028.txt [MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 08:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1031.txt [MD5.99C22D4A31F4EAD4351B71D6F4E5F6A1] - [07/11/2007 08:00:40] - |A| - (.-.) - [10134] - (0.0.0.0) - C:\eula.1033.txt [MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 08:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1036.txt [MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 08:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1040.txt [MD5.9B15A3A055CC6E67EA191A1B7885649A] - [07/11/2007 08:00:40] - |A| - (.-.) - [118] - (0.0.0.0) - C:\eula.1041.txt [MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 08:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1042.txt [MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 08:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.2052.txt [MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 08:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.3082.txt [07/05/2013 20:25:11] - |D| - [0] - C:\Firefox [MD5.F3C4BD62F184D719C136BA95F827F8E6] - [02/02/2014 16:04:42] - |A| - (.-.) - [181263] - (0.0.0.0) - C:\FL_msdia71_dll_2_60035_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8 [MD5.0A6B586FABD072BD7382B5E24194EAC7] - [07/11/2007 08:00:40] - |A| - (.-.) - [1110] - (0.0.0.0) - C:\globdata.ini [MD5.D41D8CD98F00B204E9800998ECF8427E] - [11/01/2011 07:55:36] - |ASH| - (.-.) - [1583276032] - (0.0.0.0) - C:\hiberfil.sys [07/01/2011 14:30:20] - |RASHD| - [42493021] - C:\hp [MD5.AC23149CE70BB2D69B16EDB1C8C10B26] - [25/09/2011 11:29:52] - |A| - (.-.) - [304152] - (0.0.0.0) - C:\img2-001.raw [MD5.E015A2D8890E2A96A93CA818F834C45B] - [07/11/2007 08:44:20] - |A| - (.© Microsoft Corporation. - External Installer.) - [855040] - (9.0.21022.8) - C:\install.exe [MD5.0DA9AB4977F3E7BA8C65734DF42FDAB6] - [07/11/2007 08:00:40] - |A| - (.-.) - [843] - (0.0.0.0) - C:\install.ini [MD5.8F05FE39BDD336C8FA2A18EC3DFE418C] - [07/11/2007 08:44:20] - |A| - (.(C) Microsoft Corporation. - UI Wrapper Resource DLL.) - [75280] - (9.0.21022.8) - C:\install.res.1028.dll [MD5.7D9EBB7DCA62BA75361346CAF4EC196B] - [07/11/2007 08:44:20] - |A| - (.© Microsoft Corporation. Alle Rechte vorbehalten. - Ressourcen-DLL für UI-Wrapper.) - [95248] - (9.0.21022.8) - C:\install.res.1031.dll [MD5.43FB29E3A676D26FCBF0352207991523] - [07/11/2007 08:44:20] - |A| - (.© Microsoft Corporation. - UI Wrapper Resource DLL.) - [90128] - (9.0.21022.8) - C:\install.res.1033.dll [MD5.37C8A4717B40540816A3B92C470FD58F] - [07/11/2007 08:44:20] - |A| - (.© Microsoft Corporation. Tous droits réservés. - UI Wrapper Resource DLL.) - [96272] - (9.0.21022.8) - C:\install.res.1036.dll [MD5.03576876C7E9A5B44EB7916492B5B0F6] - [07/11/2007 08:44:20] - |A| - (.© Microsoft Corporation. Tutti i diritti riservati. - DLL di risorse del wrapper dell'interfaccia utente.) - [94224] - (9.0.21022.8) - C:\install.res.1040.dll [MD5.A3946D3C9ED130AF89D1C1A9E63DEAA6] - [07/11/2007 08:44:20] - |A| - (.(C) Copyright Microsoft Corporation. - UI Wrapper Resource DLL.) - [80400] - (9.0.21022.8) - C:\install.res.1041.dll [MD5.A5CFFE01D83AFECCD9590B4D696AA44E] - [07/11/2007 08:44:20] - |A| - (.(C) Microsoft Corporation. - UI 래퍼 리소스 DLL.) - [78864] - (9.0.21022.8) - C:\install.res.1042.dll [MD5.213BF3AD8A5F31C021BBE011D6460752] - [07/11/2007 08:44:20] - |A| - (.(C) Microsoft Corporation。保留所有权利。 - 用户界面包装资源 DLL.) - [74768] - (9.0.21022.8) - C:\install.res.2052.dll [MD5.FACD045628070999B43EB7C13AB2E0FE] - [07/11/2007 08:44:20] - |A| - (.© Microsoft Corporation. Reservados todos los derechos. - Archivo DLL de recursos del contenedor de la interfaz de usuario.) - [95248] - (9.0.21022.8) - C:\install.res.3082.dll [12/05/2013 10:33:03] - |D| - [29404] - C:\Intel [01/07/2011 15:26:03] - |RHD| - [130736] - C:\MSOCache [MD5.D41D8CD98F00B204E9800998ECF8427E] - [11/01/2011 05:32:40] - |RASH| - (.-.) - [0] - (0.0.0.0) - C:\OS [MD5.D41D8CD98F00B204E9800998ECF8427E] - [11/01/2011 07:55:42] - |ASH| - (.-.) - [2111037440] - (0.0.0.0) - C:\pagefile.sys [14/07/2009 05:20:08] - |D| - [0] - C:\PerfLogs [MD5.DCFF21927AB052F3BDA2375A0EC04D7B] - [27/12/2014 19:20:33] - |A| - (.-.) - [512] - (0.0.0.0) - C:\PhysicalDisk0_MBR.bin [14/07/2009 05:20:08] - |RD| - [4105568800] - C:\Program Files [14/07/2009 05:20:08] - |RD| - [4133591528] - C:\Program Files (x86) [14/07/2009 05:20:08] - |HD| - [5380661537] - C:\ProgramData [02/07/2014 08:13:18] - |D| - [1167639] - C:\PSFONTS [20/08/2016 13:45:07] - |D| - [263077] - C:\QuickDiag [MD5.1F791C1B0F4A86ED8DE24034389A878B] - [20/08/2016 14:14:54] - |A| - (.-.) - [216528] - (0.0.0.0) - C:\QuickDiag.txt [24/07/2009 21:19:52] - |SHD| - [0] - C:\Recovery [MD5.684A90960D9760C65C55DC7130FDFB11] - [01/03/2014 21:19:33] - |A| - (.-.) - [26274] - (0.0.0.0) - C:\Shortcut_Module_01_03_2014_20_29_41.txt [MD5.5CF34151A3B741A29F6E6FD3CD1389A3] - [14/02/2014 23:23:22] - |A| - (.-.) - [24959] - (0.0.0.0) - C:\Shortcut_Module_14_02_2014_22_41_23.txt [MD5.BDBFA37DC72ECA451DE0ED6F38B89D4D] - [15/02/2014 21:03:04] - |A| - (.-.) - [28825] - (0.0.0.0) - C:\Shortcut_Module_15_02_2014_20_20_56.txt [15/06/2010 04:07:08] - |AD| - [3199474835] - C:\swsetup [11/01/2011 04:53:31] - |SHD| - [0] - C:\System Volume Information [04/08/2009 23:46:30] - |HD| - [48438848] - C:\SYSTEM.SAV [MD5.E5381DB0DBE3E82903898B6493A836B3] - [07/08/2010 03:26:40] - |ASH| - (.-.) - [47104] - (0.0.0.0) - C:\Thumbs.db [MD5.55241DDC9A3C9DD0EBECAF78D4A767D7] - [02/02/2014 16:04:41] - |A| - (.© Microsoft Corporation. - ATL Module for Windows (Unicode).) - [179704] - (9.0.21022.8) - C:\ul_atl90.dll.21022.08.Microsoft_VC90_ATL_x64.RTM [MD5.C6322344B0A408F1A43588DF3793C6A0] - [02/02/2014 16:04:41] - |A| - (.-.) - [9749] - (0.0.0.0) - C:\ul_catalog.21022.08.Microsoft_VC90_ATL_x64.RTM [MD5.378E43013CEAAC08368673B7D9FD97E6] - [02/02/2014 16:04:41] - |A| - (.-.) - [9749] - (0.0.0.0) - C:\ul_catalog.21022.08.Microsoft_VC90_CRT_x64.RTM [MD5.F8ECAB2B5B9DDF2882755ADC0011A52F] - [02/02/2014 16:04:41] - |A| - (.-.) - [9762] - (0.0.0.0) - C:\ul_catalog.21022.08.Microsoft_VC90_MFCLOC_x64.RTM [MD5.17231C39921FDDAC457AAECA2A53788D] - [02/02/2014 16:04:41] - |A| - (.-.) - [9749] - (0.0.0.0) - C:\ul_catalog.21022.08.Microsoft_VC90_MFC_x64.RTM [MD5.427E8A8E4E4FB58211A2049489C3E241] - [02/02/2014 16:04:42] - |A| - (.-.) - [9762] - (0.0.0.0) - C:\ul_catalog.21022.08.Microsoft_VC90_OpenMP_x64.RTM [MD5.0B843655AA7B0B08211CF61DBF19148E] - [02/02/2014 16:04:42] - |A| - (.-.) - [9798] - (0.0.0.0) - C:\ul_catalog.21022.08.policy_9_0_Microsoft_VC90_ATL_x64.RTM [MD5.BAA51153C78683E7E8F18FBD2F2FEBA3] - [02/02/2014 16:04:42] - |A| - (.-.) - [9798] - (0.0.0.0) - C:\ul_catalog.21022.08.policy_9_0_Microsoft_VC90_CRT_x64.RTM [MD5.E5CEB5B826310298CEA55C22AB26DC52] - [02/02/2014 16:04:42] - |A| - (.-.) - [9810] - (0.0.0.0) - C:\ul_catalog.21022.08.policy_9_0_Microsoft_VC90_MFCLOC_x64.RTM [MD5.5F869A9BF9CAF3B793C5C5922EE47A35] - [02/02/2014 16:04:42] - |A| - (.-.) - [9798] - (0.0.0.0) - C:\ul_catalog.21022.08.policy_9_0_Microsoft_VC90_MFC_x64.RTM [MD5.3FD5FF5DA4CBCE06A0EFF4CF86699929] - [02/02/2014 16:04:42] - |A| - (.-.) - [9810] - (0.0.0.0) - C:\ul_catalog.21022.08.policy_9_0_Microsoft_VC90_OpenMP_x64.RTM [14/07/2009 05:20:08] - |RD| - [174481143508] - C:\Users [MD5.06FBA95313F26E300917C6CEA4480890] - [07/11/2007 08:00:40] - |A| - (.-.) - [5686] - (0.0.0.0) - C:\vcredist.bmp [MD5.E2758D09B59904CE852E05C8F2827FAF] - [07/11/2007 08:50:40] - |A| - (.-.) - [1927956] - (0.0.0.0) - C:\VC_RED.cab [MD5.D53737CEA320B066C099894ED1780705] - [07/11/2007 08:53:12] - |A| - (.-.) - [242176] - (0.0.0.0) - C:\VC_RED.MSI [14/07/2009 05:20:08] - |AD| - [51326580027] - C:\Windows ---------- | C:\Windows [02/02/2014 13:49:45] - |D| - [1524995] - C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP [14/07/2009 05:20:08] - |D| - [24435799] - C:\Windows\AppCompat [14/07/2009 05:20:08] - |D| - [11035940] - C:\Windows\AppPatch ---------- | Detection of offsets [14/07/2009 05:20:08] - |RSD| - [2240374449] - C:\Windows\assembly [MD5.2169B4B1EFAA3453A4DA732F1F94C1E1] - [30/06/2015 17:46:43] - |A| - (.Copyright (c) 2014 AVAST Software - avast! Screen Saver stub.) - [43112] - (10.2.2218.942) - C:\Windows\avastSS.scr [MD5.317CD1CE327B6520BF4EE007BCD39E61] - [17/05/2013 17:58:42] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [71168] - (6.1.7601.17514) - C:\Windows\bfsvc.exe [14/07/2009 05:20:09] - |D| - [29163158] - C:\Windows\Boot [MD5.2DC37E4475C6786BF77A2D1CF3300521] - [14/07/2009 07:38:36] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [14/07/2009 05:20:09] - |D| - [3233280] - C:\Windows\Branding [MD5.E585CA2967C45464D97F48764F9260F4] - [30/06/2011 19:00:43] - |A| - (.-.) - [441] - (0.0.0.0) - C:\Windows\BRWMARK.INI [11/01/2011 04:54:03] - |D| - [0] - C:\Windows\CSC [MD5.CF313C6F0E872DC33F17A1D8D45E4468] - [11/01/2011 05:26:46] - |A| - (.-.) - [10] - (0.0.0.0) - C:\Windows\csup.txt [14/07/2009 05:20:09] - |D| - [2113488] - C:\Windows\Cursors [14/07/2009 06:45:54] - |D| - [1058158] - C:\Windows\debug [14/07/2009 07:32:38] - |D| - [3044378] - C:\Windows\diagnostics [14/07/2009 07:37:46] - |D| - [0] - C:\Windows\DigitalLocker [14/07/2009 07:32:38] - |D| - [424] - C:\Windows\Downloaded Program Files [11/01/2011 05:05:51] - |D| - [4564018] - C:\Windows\DPDrv [14/07/2009 09:46:36] - |D| - [118084593] - C:\Windows\ehome [02/02/2014 15:11:16] - |D| - [306203194] - C:\Windows\ERUNT [MD5.9DA3B83F80E205B6C601EEE1312FD0A0] - [18/06/2016 20:05:12] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3231232] - (6.1.7601.23418) - C:\Windows\explorer.exe [14/07/2009 05:20:09] - |RSD| - [472152623] - C:\Windows\Fonts [19/03/2016 20:06:19] - |D| - [117440] - C:\Windows\fr [11/01/2011 05:30:52] - |D| - [142848] - C:\Windows\fr-FR [MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [14/07/2009 01:22:13] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [15360] - (6.1.7600.16385) - C:\Windows\fveupdate.exe [14/07/2009 05:20:09] - |D| - [34181371] - C:\Windows\Globalization [14/07/2009 05:20:09] - |D| - [216121454] - C:\Windows\Help [MD5.CD47548A52B02D254BF6D7F7A5F2BFD3] - [14/07/2009 02:29:53] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [733696] - (6.1.7600.16385) - C:\Windows\HelpPane.exe [MD5.3D0B9EA79BF1F828324447D84AA9DCE2] - [14/07/2009 02:29:03] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [16896] - (6.1.7600.16385) - C:\Windows\hh.exe [14/07/2009 05:20:09] - |D| - [143547244] - C:\Windows\IME [14/07/2009 05:20:10] - |D| - [131246201] - C:\Windows\inf [11/01/2011 05:00:29] - |SHD| - [2023459928] - C:\Windows\Installer [14/07/2009 05:20:10] - |D| - [48371] - C:\Windows\L2Schemas [14/07/2009 05:20:10] - |D| - [1154721] - C:\Windows\LiveKernelReports [14/07/2009 05:20:10] - |D| - [138833146] - C:\Windows\Logs [14/07/2009 05:20:10] - |RSD| - [13327133] - C:\Windows\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 02:10:29] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [14/07/2009 05:20:10] - |D| - [1106242118] - C:\Windows\Microsoft.NET [09/02/2014 17:15:03] - |D| - [4376] - C:\Windows\Migration [05/04/2013 12:39:30] - |D| - [0] - C:\Windows\Minidump [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\ModemLogs [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 04:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini [MD5.B32189BDFF6E577A92BAA61AD49264E6] - [18/08/2015 10:44:31] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [193536] - (6.1.7601.18917) - C:\Windows\notepad.exe [MD5.4B96A9F487C310F99A17D4464CFC77A4] - [24/12/2013 12:45:51] - |A| - (.-.) - [114655] - (0.0.0.0) - C:\Windows\ocsetup_cbs_install_NetFx3.txt [MD5.C65906B0A760E96AFE89282F5F003CD0] - [24/12/2013 12:45:50] - |A| - (.-.) - [131072] - (0.0.0.0) - C:\Windows\ocsetup_install_NetFx3.etl [14/07/2009 07:32:38] - |D| - [65] - C:\Windows\Offline Web Pages [24/07/2009 22:14:34] - |D| - [2234979] - C:\Windows\Panther [30/06/2011 23:32:34] - |D| - [0] - C:\Windows\PCHEALTH [14/07/2009 07:32:38] - |D| - [62392135] - C:\Windows\Performance [MD5.06D109B4ADAC23A0A4DD9A346D71C0AF] - [28/07/2016 12:46:53] - |A| - (.-.) - [14310] - (0.0.0.0) - C:\Windows\PFRO.log [14/07/2009 05:20:10] - |D| - [1132015] - C:\Windows\PLA [14/07/2009 05:20:10] - |D| - [5818055] - C:\Windows\PolicyDefinitions [05/03/2014 20:43:26] - |D| - [34693839] - C:\Windows\Prefetch [MD5.FFB8B91BD19E5BC10A3344AAF34880F3] - [14/07/2009 09:48:40] - |A| - (.-.) - [53551] - (0.0.0.0) - C:\Windows\Professional.xml [04/08/2013 09:35:40] - |D| - [2338] - C:\Windows\pss [MD5.2E2C937846A0B8789E5E91739284D17A] - [14/07/2009 01:27:10] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [427008] - (6.1.7600.16385) - C:\Windows\regedit.exe [14/07/2009 05:20:10] - |D| - [22588] - C:\Windows\registration [14/07/2009 05:20:10] - |D| - [6583354] - C:\Windows\rescache [14/07/2009 05:20:10] - |D| - [1674534] - C:\Windows\Resources [MD5.8607F29F810824690CB2CCB5B39EC49E] - [11/01/2011 05:10:31] - |A| - (.Copyright (C) 2010 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [1251944] - (1.0.2.4) - C:\Windows\RtlExUpd.dll [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\SchCache [14/07/2009 05:20:10] - |D| - [58021] - C:\Windows\schemas [14/07/2009 05:20:10] - |D| - [6067500] - C:\Windows\security [14/07/2009 06:45:47] - |D| - [80018877] - C:\Windows\ServiceProfiles [14/07/2009 05:20:10] - |D| - [218657182] - C:\Windows\servicing [14/07/2009 06:45:50] - |D| - [838] - C:\Windows\Setup [MD5.8FDC0BB43AE4FFDE39697B3E3580111F] - [29/06/2016 18:12:43] - |A| - (.-.) - [1288] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [29/06/2016 18:12:43] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [11/01/2011 04:56:30] - |D| - [4457795081] - C:\Windows\SoftwareDistribution [14/07/2009 05:20:10] - |D| - [70579144] - C:\Windows\Speech [MD5.127AA81343A7C6F665C22CB1293B0A90] - [15/08/2012 12:23:52] - |A| - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17777) - C:\Windows\splwow64.exe [MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 07:28:38] - |A| - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\system [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 04:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [14/07/2009 05:20:10] - |D| - [5990971685] - C:\Windows\System32 [14/07/2009 05:20:14] - |AD| - [1285203575] - C:\Windows\SysWOW64 [14/07/2009 05:20:14] - |D| - [15] - C:\Windows\TAPI [14/07/2009 05:20:14] - |D| - [36340] - C:\Windows\Tasks [14/07/2009 05:20:14] - |D| - [600533665] - C:\Windows\Temp [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\tracing [MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 23:41:17] - |A| - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\Windows\twain.dll [14/07/2009 07:32:38] - |D| - [1210258] - C:\Windows\twain_32 [MD5.163A95975E1D8819E653AA3E961371CA] - [17/05/2013 17:58:48] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.F36A271706EDD23C94956AFB56981184] - [14/07/2009 00:47:26] - |A| - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe [MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 02:14:40] - |A| - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe [14/07/2009 05:20:14] - |D| - [12420] - C:\Windows\Vss [MD5.69764A6475A4C54732E6A07CE6EF8BE2] - [20/05/2010 15:26:30] - |A| - (.Copyright (c) Microsoft Corporation. - Microsoft LifeCam Device Application.) - [762736] - (1.2.6.0) - C:\Windows\vVX3000.exe [MD5.D4AB86DCA04623B911795BEC9C2E3361] - [26/06/2009 17:24:18] - |A| - (.-.) - [15498] - (0.0.0.0) - C:\Windows\VX3000.ini [MD5.AB844F126F342FC487534C58D8C18547] - [26/06/2009 17:24:18] - |A| - (.-.) - [13023] - (0.0.0.0) - C:\Windows\VX3000.src [MD5.131BC4447D0092AC8A57032DD1107D43] - [29/01/2014 19:28:59] - |A| - (.-.) - [724] - (0.0.0.0) - C:\Windows\wacam.ini [14/07/2009 05:20:14] - |D| - [42455952] - C:\Windows\Web [MD5.162904DAA5412143F5403233E77F787E] - [14/07/2009 04:34:57] - |A| - (.-.) - [403] - (0.0.0.0) - C:\Windows\win.ini [MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 06:54:24] - |RAH| - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.F79BB6E14FE25BF5136B396E1192614B] - [11/01/2011 04:56:23] - |A| - (.-.) - [1508180] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.1D420D66250BCAAAED05724FB34008CF] - [14/07/2009 02:12:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.1.7600.16385) - C:\Windows\winhlp32.exe [14/07/2009 05:20:14] - |D| - [31423297269] - C:\Windows\winsxs [MD5.907AE50A03DEEC4CFFDC70EA3D5AD4D8] - [31/03/2014 22:34:22] - |A| - (.© 2012 Microsoft Corporation. Tous droits réservés. - Écran de veille de la Galerie de photos.) - [322248] - (16.4.3528.331) - C:\Windows\WLXPGSS.SCR [MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 22:52:44] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [14/07/2009 01:56:28] - |A| - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\Windows\write.exe ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [25/01/2014 21:45:16] - C:\Windows\Installer\100a27a8.msi : (HP Support Assistant - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/08/2013 13:03:14] - C:\Windows\Installer\100a27af.msi : (Blank Project Template - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/02/2014 12:47:06] - C:\Windows\Installer\1042e7c.msi : (Hardware Detection Ma-Config.com - Cybelsoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | Notify [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] : igfxdev.dll [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP] : DeviceNP.dll ---------- | SSODL | SEH | URLSH | STS ---------- | Toolbar [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 "ShowDiscussionButton"=Yes [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Layout"=0x13000000000000000000000020000000100001003400000001000000000700005E010000060000000101000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000B1C218236549D4119B18009027A5CD4F0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height"=54 "ITBar7Layout64"=0x13000000000000000000000030000000100003003100000001000000000700005E0100000600000001010000000000000700000001010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007B228A319F5EBD4589997F8F10CA4CF5B1C218236549D4119B18009027A5CD4F00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height64"=49 "{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=0xB1C218236549D4119B18009027A5CD4F [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "UpgradeTime"=0x04B23B08E0EECF01 "TopResult"=1 "ShowSearchSuggestionsGlobal"=1 "ShowSearchSuggestionsInAddressGlobal"=1 "KnownProvidersUpgradeTime"=0x1855503E0125CF01 "Version"=4 "DefaultPackCorrection"=1 "DefaultPackNTCorrection"=1 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=0x00 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=0x00 [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{25510184-5A38-4A99-B273-DCA8EEF6CD08}] : (@C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Skype for Business Click to Call) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}] : (@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{25510184-5A38-4A99-B273-DCA8EEF6CD08}] : (@C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] ---------- | SearchScopes [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC : [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}] -> (HP ProtectTools Security Manager Extension) : c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [23/01/2010 00:30:54] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [30/06/2015 17:46:40] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Programme d’aide de l’Assistant de connexion au compte Microsoft) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [17/07/2012 15:51:50] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] -> (Google Toolbar Helper) : C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [01/05/2013 20:51:26] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] -> (Office Document Cache Handler) : C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [19/08/2016 08:50:48] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] -> (HP Network Check Helper) : C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [28/08/2013 03:28:26] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}] -> (File Sanitizer for HP ProtectTools) : c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [12/12/2009 03:57:58] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}] -> (HP ProtectTools Security Manager Extension) : c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [23/01/2010 00:30:54] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre7\bin\ssv.dll [16/03/2014 13:15:16] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [30/06/2015 17:46:40] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Programme d’aide de l’Assistant de connexion au compte Microsoft) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [17/07/2012 15:51:50] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] -> (Google Toolbar Helper) : C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [01/05/2013 20:51:26] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] -> (Office Document Cache Handler) : C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [19/08/2016 08:50:48] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [16/03/2014 13:15:15] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] -> (HP Network Check Helper) : C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [28/08/2013 03:28:26] ---------- | Chrome C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki] ---------- | Opera ---------- | Firefox [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "otis@digitalpersona.com"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin] - (Facebook Video Calling Plugin) : C:\Users\Christine\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0] - (Unity Player 3.5.0f5) : C:\Users\Christine\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Apple.com/iTunes,version=] - (Module iTunes Detector) : [HKLM\Software\WOW6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0] - () : C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [24/09/2014 00:07:11] - C:\Windows\Installer\1713aa0.msi : (Additional Font and Media Support - The J2SE Runtime Environment with European languages. This requires [Core]MB on your hard drive.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\tbgizrkn.default\Prefs.js user_pref("browser.startup.homepage_override.buildID", "20160604131506"); user_pref("browser.startup.homepage_override.mstone", "47.0"); user_pref("extensions.blocklist.pingCountTotal", 45); user_pref("extensions.blocklist.pingCountVersion", 9); user_pref("extensions.bootstrappedAddons", "{\"loop@mozilla.org\":{\"version\":\"1.3.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"e10srollout@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"firefox@getpocket.com\":{\"version\":\"1.0.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true}}"); user_pref("extensions.databaseSchema", 17); user_pref("extensions.e10sBlockedByAddons", false); user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:47.0"); user_pref("extensions.getAddons.cache.lastUpdate", 1471691973); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.hotfix.lastVersion", "20160106.01"); user_pref("extensions.lastAppVersion", "47.0"); user_pref("extensions.lastPlatformVersion", "47.0"); user_pref("extensions.pendingOperations", false); user_pref("extensions.shownSelectionUI", true); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.ui.dictionary.hidden", true); user_pref("extensions.ui.experiment.hidden", true); user_pref("extensions.ui.lastCategory", "addons://discover/"); user_pref("extensions.ui.locale.hidden", true); user_pref("extensions.xpiState", "{\"app-system-defaults\":{\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1465814247975},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.2\",\"st\":1465814247973},\"loop@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\loop@mozilla.org.xpi\",\"e\":true,\"v\":\"1.3.2\",\"st\":1465814247965}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"47.0\",\"st\":1465814248005}},\"winreg-app-global\":{\"otis@digitalpersona.com\":{\"d\":\"c:\\\\Program Files (x86)\\\\Hewlett-Packard\\\\HP ProtectTools Security Manager\\\\Bin\\\\FirefoxExt\",\"e\":false,\"v\":\"5.0.0.4218\",\"st\":1294715151866,\"mt\":1264199540000},\"wrc@avast.com\":{\"d\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"e\":false,\"v\":\"10.3.3.13\",\"st\":1449767245344,\"mt\":1449767244299}}}"); ---------- | Active Connections TCP 127.0.0.1:5354 Christine-HP:49159 ESTABLISHED 1800 TCP 127.0.0.1:5354 Christine-HP:49160 ESTABLISHED 1800 TCP 127.0.0.1:27015 Christine-HP:49184 ESTABLISHED 1780 TCP 127.0.0.1:49159 Christine-HP:5354 ESTABLISHED 1780 TCP 127.0.0.1:49160 Christine-HP:5354 ESTABLISHED 1780 TCP 127.0.0.1:49184 Christine-HP:27015 ESTABLISHED 2620 TCP 127.0.0.1:50149 Christine-HP:50150 ESTABLISHED 7044 TCP 127.0.0.1:50150 Christine-HP:50149 ESTABLISHED 7044 TCP 192.168.0.10:50557 lon13.ff.avast.com:http ESTABLISHED 1244 ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=89.2.0.1 89.2.0.2 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{027561EA-BD5E-44FA-BD2E-3FE3EB40758A}] "DhcpNameServer"=172.20.10.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{0E5CB0DA-2309-4323-91DF-26BC61985207}] "DhcpNameServer"=89.2.0.1 89.2.0.2 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7A249C16-6580-495A-8692-DFB08537D5CE}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{027561EA-BD5E-44FA-BD2E-3FE3EB40758A}] "DhcpNameServer"=172.20.10.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{0E5CB0DA-2309-4323-91DF-26BC61985207}] "DhcpNameServer"=89.2.0.1 89.2.0.2 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7A249C16-6580-495A-8692-DFB08537D5CE}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{027561EA-BD5E-44FA-BD2E-3FE3EB40758A}] "DhcpNameServer"=172.20.10.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0E5CB0DA-2309-4323-91DF-26BC61985207}] "DhcpNameServer"=89.2.0.1 89.2.0.2 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7A249C16-6580-495A-8692-DFB08537D5CE}] "DhcpNameServer"=192.168.1.1 ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\iTunes.exe] : "C:\Program Files\iTunes\iTunes.exe" /open "%L" [HKLM\SOFTWARE\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\MSOXMLED.EXE] : "C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\MSOXMLED.EXE" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iTunes.exe] : "C:\Program Files\iTunes\iTunes.exe" /open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MSOXMLED.EXE] : "C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\MSOXMLED.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | Svchost - Netsvcs (Whitelisted) Term - : ---------- | Software [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Adobe] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\AppDataLow] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Apple Computer, Inc.] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Apple Inc.] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\AVAST Software] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Brother] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Chris Hills] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Clients] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\CyberLink] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\DigitalPersona] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Facebook] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\FileHippo.com] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Google] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Hewlett-Packard] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\HP] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\HPKEYBOARD] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\IM Providers] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\ImageViewer] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Intel] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\JavaSoft] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\JWPlugins] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\kde.org] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\KeyBoardLED_status] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Licenses] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Macromedia] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\MakeMusic] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Malwarebytes' Anti-Malware] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Mozilla] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\MozillaPlugins] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Musitek] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\MyDefrag] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\NETGEAR] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Netscape] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\ODBC] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\OpenOffice.org] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\PDFComplete] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Piriform] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Policies] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Pvm] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Skype] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\SkypeRS] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\sysinternals] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Trolltech] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Unity] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\VSRevoGroup] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Wow6432Node] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\ZebHelpProcess Helper] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\AppDataLow\Software\Adobe] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\AppDataLow\Software\JavaSoft] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\AppDataLow\Software\Macromedia] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\AppDataLow\Software\Unity] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\ATI Technologies] [HKLM\Software\Brother] [HKLM\Software\Clients] [HKLM\Software\cybelsoft] [HKLM\Software\Cyberlink] [HKLM\Software\DigitalPersona] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IM Providers] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\MozillaPlugins] [HKLM\Software\NETGEAR] [HKLM\Software\ODBC] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SafeBoot International] [HKLM\Software\Sonic] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\Wow6432Node] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GPSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AdwCleaner] [HKLM\Software\WOW6432Node\AppDataLow] [HKLM\Software\WOW6432Node\Apple Computer, Inc.] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\Brother] [HKLM\Software\WOW6432Node\Corel] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\DigitalPersona] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Hewlett-Packard] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\InterVideo] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Lake] [HKLM\Software\WOW6432Node\LEDPointer] [HKLM\Software\WOW6432Node\Licenses] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\MimarSinan] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Myriad Software] [HKLM\Software\WOW6432Node\NETGEAR] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OpenOffice.org] [HKLM\Software\WOW6432Node\PDFComplete] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\RtWLan] [HKLM\Software\WOW6432Node\SafeBoot International] [HKLM\Software\WOW6432Node\SERCOMM] [HKLM\Software\WOW6432Node\Shortcut_Module] [HKLM\Software\WOW6432Node\Skype] [HKLM\Software\WOW6432Node\Sun Microsystems] [HKLM\Software\WOW6432Node\Symantec] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\Werner Schweer and Others] [HKLM\Software\WOW6432Node\WildTangent] [HKLM\Software\WOW6432Node\Windows] [HKLM\Software\WOW6432Node\WSWNA3100M] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | Drives E: [13/10/2012 11:41:08] - |R| - (.Copyright (C) 2012 - EncryptD 动态链接库.) - [190976] - (1.0.0.1) - E:\EncryptDll.dll [13/10/2012 11:41:08] - |R| - (.-.) - [2537472] - (4.7.0.0) - E:\QtCore4.dll [13/10/2012 11:41:08] - |R| - (.-.) - [2952704] - (4.7.0.0) - E:\QtDeclarative4.dll [13/10/2012 11:41:08] - |R| - (.-.) - [9814016] - (4.7.0.0) - E:\QtGui4.dll [13/10/2012 11:41:08] - |R| - (.-.) - [1140224] - (4.7.0.0) - E:\QtNetwork4.dll [13/10/2012 11:41:08] - |R| - (.-.) - [2173952] - (4.7.0.0) - E:\QtScript4.dll [13/10/2012 11:41:08] - |R| - (.-.) - [270848] - (4.7.0.0) - E:\QtSql4.dll [13/10/2012 11:41:08] - |R| - (.-.) - [399360] - (4.7.0.0) - E:\QtXml4.dll [13/10/2012 11:41:08] - |R| - (.-.) - [4009472] - (4.7.0.0) - E:\QtXmlPatterns4.dll [13/10/2012 11:41:08] - |R| - (.-.) - [43008] - (0.0.0.0) - E:\libgcc_s_dw2-1.dll [05/01/2013 20:57:52] - |R| - (.© Microsoft Corporation. - MFCDLL Shared Library - Retail Version.) - [3780424] - (9.0.30729.4974) - E:\mfc90u.dll [13/10/2012 11:41:08] - |R| - (.-.) - [11362] - (0.0.0.0) - E:\mingwm10.dll [05/01/2013 20:57:50] - |R| - (.© Microsoft Corporation. - Microsoft® C++ Runtime Library.) - [569680] - (9.0.30729.4974) - E:\msvcp90.dll [05/01/2013 20:57:50] - |R| - (.© Microsoft Corporation. - Microsoft® C Runtime Library.) - [653136] - (9.0.30729.4974) - E:\msvcr90.dll [23/08/2013 15:12:34] - |R| - (.(C) NETGEAR Inc. All rights reserved - CD Navigator.) - [313344] - (1.0.0.2) - E:\autostart.exe [29/08/2012 17:30:02] - |R| - (.-.) - [51] - (0.0.0.0) - E:\autorun.inf D: [30/06/2011 18:00:41] - |ASH| - (.-.) - [44] - (0.0.0.0) - D:\language.ini ---------- | C: [11/01/2011 05:30:42] - |SHD| - [387] - C:\$RECYCLE.BIN [16/09/2015 12:42:17] - |HD| - [168408666] - C:\$Windows.~BT [09/02/2014 17:12:52] - |D| - [96159017] - C:\595fab4959d6081bcf9f [11/02/2015 04:10:14] - |D| - [48235432] - C:\9e98d1bdb2b7045a396be6ffb17107 [09/03/2016 22:12:36] - |D| - [0] - C:\a8e58e82398864d025 [26/04/2014 17:53:03] - |D| - [4773691] - C:\AdwCleaner [MD5.55241DDC9A3C9DD0EBECAF78D4A767D7] - [02/02/2014 16:04:38] - |A| - (.© Microsoft Corporation. - ATL Module for Windows (Unicode).) - [179704] - (9.0.21022.8) - C:\atl90.dll.21022.08.Microsoft_VC90_ATL_x64.RTM [MD5.D41D8CD98F00B204E9800998ECF8427E] - [02/02/2014 13:55:59] - |A| - (.-.) - [0] - (0.0.0.0) - C:\autoexec.bat [28/03/2016 23:45:54] - |D| - [0] - C:\AVAST Software [MD5.40A42D7D26857D16505E01405623952F] - [24/07/2009 22:14:22] - |RASH| - (.-.) - [8192] - (0.0.0.0) - C:\BOOTSECT.BAK [MD5.C6322344B0A408F1A43588DF3793C6A0] - [02/02/2014 16:04:41] - |A| - (.-.) - [9749] - (0.0.0.0) - C:\catalog.21022.08.Microsoft_VC90_ATL_x64.RTM [MD5.378E43013CEAAC08368673B7D9FD97E6] - [02/02/2014 16:04:41] - |A| - (.-.) - [9749] - (0.0.0.0) - C:\catalog.21022.08.Microsoft_VC90_CRT_x64.RTM [MD5.F8ECAB2B5B9DDF2882755ADC0011A52F] - [02/02/2014 16:04:41] - |A| - (.-.) - [9762] - (0.0.0.0) - C:\catalog.21022.08.Microsoft_VC90_MFCLOC_x64.RTM [MD5.17231C39921FDDAC457AAECA2A53788D] - [02/02/2014 16:04:41] - |A| - (.-.) - [9749] - (0.0.0.0) - C:\catalog.21022.08.Microsoft_VC90_MFC_x64.RTM [MD5.427E8A8E4E4FB58211A2049489C3E241] - [02/02/2014 16:04:41] - |A| - (.-.) - [9762] - (0.0.0.0) - C:\catalog.21022.08.Microsoft_VC90_OpenMP_x64.RTM [MD5.0B843655AA7B0B08211CF61DBF19148E] - [02/02/2014 16:04:42] - |A| - (.-.) - [9798] - (0.0.0.0) - C:\catalog.21022.08.policy_9_0_Microsoft_VC90_ATL_x64.RTM [MD5.BAA51153C78683E7E8F18FBD2F2FEBA3] - [02/02/2014 16:04:42] - |A| - (.-.) - [9798] - (0.0.0.0) - C:\catalog.21022.08.policy_9_0_Microsoft_VC90_CRT_x64.RTM [MD5.E5CEB5B826310298CEA55C22AB26DC52] - [02/02/2014 16:04:42] - |A| - (.-.) - [9810] - (0.0.0.0) - C:\catalog.21022.08.policy_9_0_Microsoft_VC90_MFCLOC_x64.RTM [MD5.5F869A9BF9CAF3B793C5C5922EE47A35] - [02/02/2014 16:04:42] - |A| - (.-.) - [9798] - (0.0.0.0) - C:\catalog.21022.08.policy_9_0_Microsoft_VC90_MFC_x64.RTM [MD5.3FD5FF5DA4CBCE06A0EFF4CF86699929] - [02/02/2014 16:04:42] - |A| - (.-.) - [9810] - (0.0.0.0) - C:\catalog.21022.08.policy_9_0_Microsoft_VC90_OpenMP_x64.RTM [MD5.8F54B8D85B54B04003F21A6555CE3F5D] - [09/03/2014 10:34:45] - |A| - (.-.) - [2195] - (0.0.0.0) - C:\DelFix.txt [14/07/2009 07:08:56] - |SHD| - [0] - C:\Documents and Settings [MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 08:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1028.txt [MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 08:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1031.txt [MD5.99C22D4A31F4EAD4351B71D6F4E5F6A1] - [07/11/2007 08:00:40] - |A| - (.-.) - [10134] - (0.0.0.0) - C:\eula.1033.txt [MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 08:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1036.txt [MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 08:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1040.txt [MD5.9B15A3A055CC6E67EA191A1B7885649A] - [07/11/2007 08:00:40] - |A| - (.-.) - [118] - (0.0.0.0) - C:\eula.1041.txt [MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 08:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1042.txt [MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 08:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.2052.txt [MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 08:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.3082.txt [07/05/2013 20:25:11] - |D| - [0] - C:\Firefox [MD5.F3C4BD62F184D719C136BA95F827F8E6] - [02/02/2014 16:04:42] - |A| - (.-.) - [181263] - (0.0.0.0) - C:\FL_msdia71_dll_2_60035_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8 [MD5.0A6B586FABD072BD7382B5E24194EAC7] - [07/11/2007 08:00:40] - |A| - (.-.) - [1110] - (0.0.0.0) - C:\globdata.ini [MD5.D41D8CD98F00B204E9800998ECF8427E] - [11/01/2011 07:55:36] - |ASH| - (.-.) - [1583276032] - (0.0.0.0) - C:\hiberfil.sys [07/01/2011 14:30:20] - |RASHD| - [42493021] - C:\hp [MD5.AC23149CE70BB2D69B16EDB1C8C10B26] - [25/09/2011 11:29:52] - |A| - (.-.) - [304152] - (0.0.0.0) - C:\img2-001.raw [MD5.E015A2D8890E2A96A93CA818F834C45B] - [07/11/2007 08:44:20] - |A| - (.© Microsoft Corporation. - External Installer.) - [855040] - (9.0.21022.8) - C:\install.exe [MD5.0DA9AB4977F3E7BA8C65734DF42FDAB6] - [07/11/2007 08:00:40] - |A| - (.-.) - [843] - (0.0.0.0) - C:\install.ini [MD5.8F05FE39BDD336C8FA2A18EC3DFE418C] - [07/11/2007 08:44:20] - |A| - (.(C) Microsoft Corporation. - UI Wrapper Resource DLL.) - [75280] - (9.0.21022.8) - C:\install.res.1028.dll [MD5.7D9EBB7DCA62BA75361346CAF4EC196B] - [07/11/2007 08:44:20] - |A| - (.© Microsoft Corporation. Alle Rechte vorbehalten. - Ressourcen-DLL für UI-Wrapper.) - [95248] - (9.0.21022.8) - C:\install.res.1031.dll [MD5.43FB29E3A676D26FCBF0352207991523] - [07/11/2007 08:44:20] - |A| - (.© Microsoft Corporation. - UI Wrapper Resource DLL.) - [90128] - (9.0.21022.8) - C:\install.res.1033.dll [MD5.37C8A4717B40540816A3B92C470FD58F] - [07/11/2007 08:44:20] - |A| - (.© Microsoft Corporation. Tous droits réservés. - UI Wrapper Resource DLL.) - [96272] - (9.0.21022.8) - C:\install.res.1036.dll [MD5.03576876C7E9A5B44EB7916492B5B0F6] - [07/11/2007 08:44:20] - |A| - (.© Microsoft Corporation. Tutti i diritti riservati. - DLL di risorse del wrapper dell'interfaccia utente.) - [94224] - (9.0.21022.8) - C:\install.res.1040.dll [MD5.A3946D3C9ED130AF89D1C1A9E63DEAA6] - [07/11/2007 08:44:20] - |A| - (.(C) Copyright Microsoft Corporation. - UI Wrapper Resource DLL.) - [80400] - (9.0.21022.8) - C:\install.res.1041.dll [MD5.A5CFFE01D83AFECCD9590B4D696AA44E] - [07/11/2007 08:44:20] - |A| - (.(C) Microsoft Corporation. - UI 래퍼 리소스 DLL.) - [78864] - (9.0.21022.8) - C:\install.res.1042.dll [MD5.213BF3AD8A5F31C021BBE011D6460752] - [07/11/2007 08:44:20] - |A| - (.(C) Microsoft Corporation。保留所有权利。 - 用户界面包装资源 DLL.) - [74768] - (9.0.21022.8) - C:\install.res.2052.dll [MD5.FACD045628070999B43EB7C13AB2E0FE] - [07/11/2007 08:44:20] - |A| - (.© Microsoft Corporation. Reservados todos los derechos. - Archivo DLL de recursos del contenedor de la interfaz de usuario.) - [95248] - (9.0.21022.8) - C:\install.res.3082.dll [12/05/2013 10:33:03] - |D| - [29404] - C:\Intel [01/07/2011 15:26:03] - |RHD| - [130736] - C:\MSOCache [MD5.D41D8CD98F00B204E9800998ECF8427E] - [11/01/2011 05:32:40] - |RASH| - (.-.) - [0] - (0.0.0.0) - C:\OS [MD5.D41D8CD98F00B204E9800998ECF8427E] - [11/01/2011 07:55:42] - |ASH| - (.-.) - [2111037440] - (0.0.0.0) - C:\pagefile.sys [14/07/2009 05:20:08] - |D| - [0] - C:\PerfLogs [MD5.DCFF21927AB052F3BDA2375A0EC04D7B] - [27/12/2014 19:20:33] - |A| - (.-.) - [512] - (0.0.0.0) - C:\PhysicalDisk0_MBR.bin [03/06/2016 10:53:52] - C:\Windows\Installer\1805f7.msi : (Apple Application Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/06/2016 10:54:18] - C:\Windows\Installer\180631.msi : (Apple Application Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/06/2016 10:57:21] - C:\Windows\Installer\180743.msi : (iCloud for Windows installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/06/2016 10:59:28] - C:\Windows\Installer\1817b1.msi : (iTunes Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2009 05:20:08] - |RD| - [4105573324] - C:\Program Files [03/04/2016 14:34:02] - C:\Windows\Installer\1935c4.msi : (QuickTime Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/04/2016 14:38:01] - C:\Windows\Installer\1938c0.msi : (Apple Software Update Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/04/2016 14:38:10] - C:\Windows\Installer\193915.msi : (Apple Mobile Device Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/11/2011 11:25:40] - C:\Windows\Installer\1e1edc7.msi : (swMSM - Adobe Systems, Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/04/2015 03:11:36] - C:\Windows\Installer\2ce6b0d7.msi : (Skype - Skype Technologies S.A.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/07/2016 12:01:50] - C:\Windows\Installer\2dea95.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/02/2010 19:18:50] - C:\Windows\Installer\2f0620.msi : (OpenOffice.org 3.2 - OpenOffice.org) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/08/2014 00:07:53] - C:\Windows\Installer\4cdfeee.msi : (Facebook Video Calling 3.1.0.521 - Skype Limited) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/11/2008 21:47:36] - C:\Windows\Installer\677ff.msi : ( - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/01/2011 05:05:36] - C:\Windows\Installer\6780c.msi : (HP Auto - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/01/2010 01:08:24] - C:\Windows\Installer\67814.msi : (Blank Project Template - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/01/2011 05:06:24] - C:\Windows\Installer\6781c.msi : (Blank Project Template - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/01/2011 05:06:42] - C:\Windows\Installer\67823.msi : ( -) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/11/2010 13:22:20] - C:\Windows\Installer\6782f.msi : (Blank Project Template - InterVideo Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/05/2010 00:50:16] - C:\Windows\Installer\67834.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/11/2010 20:19:23] - C:\Windows\Installer\67850.msi : ( - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/01/2011 05:17:53] - C:\Windows\Installer\6785e.msi : (HP Remote Solution Installation - HP Remote Solution) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/09/2010 03:07:42] - C:\Windows\Installer\67869.msi : (This application presents connect solutions by HP and partners. - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/02/2010 03:41:30] - C:\Windows\Installer\678ba.msi : (Drive Encryption for HP ProtectTools - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/12/2009 22:12:02] - C:\Windows\Installer\678c3.msi : (Device Access Manager for HP ProtectTools - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/12/2009 04:00:32] - C:\Windows\Installer\678cc.msi : (Blank Project Template - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/11/2014 13:36:37] - C:\Windows\Installer\71e51.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/11/2015 10:58:47] - C:\Windows\Installer\8022057.msi : ([ProductName] Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/05/2013 20:51:26] - C:\Windows\Installer\9663d.msi : (Google Toolbar for Internet Explorer - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/03/2014 13:14:35] - C:\Windows\Installer\b31da4e.msi : (Java SE Runtime Environment 7.0 - Oracle) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/09/2012 05:48:11] - C:\Windows\Installer\b31daab.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/07/2016 13:04:03] - C:\Windows\Installer\f0125.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [14/07/2009 06:57:09] - [73] - C:\Windows\System32\desktop.ini [14/04/2015 21:46:47] - [16303] - C:\Windows\System32\ieuinit.inf [14/07/2009 07:13:15] - [1672200] - C:\Windows\System32\PerfStringBackup.INI [10/06/2009 23:01:25] - [60124] - C:\Windows\System32\tcpmon.ini [09/08/2004 07:00:42] - [114] - C:\Windows\Syswow64\BRLMW03A.INI [07/05/2013 20:18:32] - [0] - C:\Windows\Syswow64\hardware.inf [14/04/2015 21:46:48] - [16303] - C:\Windows\Syswow64\ieuinit.inf [11/01/2011 05:06:05] - [375] - C:\Windows\Syswow64\InstallUtil.InstallLog [07/05/2013 20:22:44] - [40] - C:\Windows\Syswow64\lamylevcd.ini [14/07/2009 06:55:01] - [57] - C:\Windows\Syswow64\mapisvc.inf [11/01/2011 05:02:18] - [1646332] - C:\Windows\Syswow64\PerfStringBackup.INI ---------- | [Christine] [27/04/2013 09:20:51] - |A| - [0] - C:\Users\Christine\acrobatreader.exe [08/05/2013 15:34:14] - |A| - [12808] - C:\Users\Christine\agent immo rémunération 080513.rtf [30/06/2011 18:01:00] - |HD| - [1943111832] - C:\Users\Christine\AppData [30/06/2011 18:01:00] - |SHD| - [0] - C:\Users\Christine\Application Data [30/06/2011 18:06:35] - |RD| - [68790] - C:\Users\Christine\Contacts [30/06/2011 18:01:00] - |SHD| - [0] - C:\Users\Christine\Cookies [30/06/2011 18:01:00] - |RD| - [89454541] - C:\Users\Christine\Desktop [14/07/2009 05:20:08] - |RD| - [4133591528] - C:\Program Files (x86) [30/06/2011 18:01:00] - |RD| - [570065542] - C:\Users\Christine\Documents [30/06/2011 18:01:00] - |RD| - [8774276093] - C:\Users\Christine\Downloads [30/06/2011 18:01:00] - |RD| - [77599] - C:\Users\Christine\Favorites [07/05/2013 20:18:29] - |HD| - [0] - C:\Users\Christine\InstallAnywhere [30/06/2011 18:50:28] - |D| - [89279] - C:\Users\Christine\licenses [30/06/2011 18:01:00] - |RD| - [2412] - C:\Users\Christine\Links [30/06/2011 18:01:00] - |SHD| - [0] - C:\Users\Christine\Local Settings [30/06/2011 18:01:00] - |SHD| - [0] - C:\Users\Christine\Menu Démarrer [30/06/2011 18:01:00] - |SHD| - [0] - C:\Users\Christine\Mes documents [30/06/2011 18:01:00] - |SHD| - [0] - C:\Users\Christine\Modèles [14/07/2009 05:20:08] - |HD| - [5381710309] - C:\ProgramData [02/07/2014 08:13:18] - |D| - [1167639] - C:\PSFONTS [20/08/2016 13:45:07] - |D| - [262057] - C:\QuickDiag [MD5.C6AD786E7C30A23DDC7D946B14512CE7] - [20/08/2016 14:14:54] - |A| - (.-.) - [282284] - (0.0.0.0) - C:\QuickDiag.txt [24/07/2009 21:19:52] - |SHD| - [0] - C:\Recovery [MD5.684A90960D9760C65C55DC7130FDFB11] - [01/03/2014 21:19:33] - |A| - (.-.) - [26274] - (0.0.0.0) - C:\Shortcut_Module_01_03_2014_20_29_41.txt [MD5.5CF34151A3B741A29F6E6FD3CD1389A3] - [14/02/2014 23:23:22] - |A| - (.-.) - [24959] - (0.0.0.0) - C:\Shortcut_Module_14_02_2014_22_41_23.txt [MD5.BDBFA37DC72ECA451DE0ED6F38B89D4D] - [15/02/2014 21:03:04] - |A| - (.-.) - [28825] - (0.0.0.0) - C:\Shortcut_Module_15_02_2014_20_20_56.txt [30/06/2011 18:01:00] - |RD| - [125996581115] - C:\Users\Christine\Music [30/06/2011 18:01:00] - |ASH| - [9961472] - C:\Users\Christine\ntuser.dat [30/06/2011 18:01:00] - |ASH| - [262144] - C:\Users\Christine\ntuser.dat.LOG1 [30/06/2011 18:01:00] - |ASH| - [262144] - C:\Users\Christine\ntuser.dat.LOG2 [30/06/2011 18:01:00] - |ASH| - [65536] - C:\Users\Christine\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [30/06/2011 18:01:00] - |ASH| - [524288] - C:\Users\Christine\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [30/06/2011 18:01:00] - |ASH| - [524288] - C:\Users\Christine\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [12/02/2014 21:07:14] - |ASH| - [65536] - C:\Users\Christine\ntuser.dat{1107ca29-9412-11e3-932b-d48564c2c6f2}.TM.blf [12/02/2014 21:07:14] - |ASH| - [524288] - C:\Users\Christine\ntuser.dat{1107ca29-9412-11e3-932b-d48564c2c6f2}.TMContainer00000000000000000001.regtrans-ms [12/02/2014 21:07:14] - |ASH| - [524288] - C:\Users\Christine\ntuser.dat{1107ca29-9412-11e3-932b-d48564c2c6f2}.TMContainer00000000000000000002.regtrans-ms [15/02/2014 10:30:27] - |ASH| - [65536] - C:\Users\Christine\ntuser.dat{a410524b-9614-11e3-ab30-d48564c2c6f2}.TM.blf [15/02/2014 10:30:27] - |ASH| - [524288] - C:\Users\Christine\ntuser.dat{a410524b-9614-11e3-ab30-d48564c2c6f2}.TMContainer00000000000000000001.regtrans-ms [15/02/2014 10:30:27] - |ASH| - [524288] - C:\Users\Christine\ntuser.dat{a410524b-9614-11e3-ab30-d48564c2c6f2}.TMContainer00000000000000000002.regtrans-ms [30/06/2011 18:01:00] - |SH| - [20] - C:\Users\Christine\ntuser.ini [02/02/2010 19:18:40] - |A| - [129917939] - C:\Users\Christine\openofficeorg1.cab [02/02/2010 19:18:50] - |A| - [10180096] - C:\Users\Christine\openofficeorg32.msi [15/06/2010 04:07:08] - |AD| - [3199474835] - C:\swsetup [11/01/2011 04:53:31] - |SHD| - [0] - C:\System Volume Information [04/08/2009 23:46:30] - |HD| - [48438848] - C:\SYSTEM.SAV [MD5.E5381DB0DBE3E82903898B6493A836B3] - [07/08/2010 03:26:40] - |ASH| - (.-.) - [47104] - (0.0.0.0) - C:\Thumbs.db [MD5.55241DDC9A3C9DD0EBECAF78D4A767D7] - [02/02/2014 16:04:41] - |A| - (.© Microsoft Corporation. - ATL Module for Windows (Unicode).) - [179704] - (9.0.21022.8) - C:\ul_atl90.dll.21022.08.Microsoft_VC90_ATL_x64.RTM [MD5.C6322344B0A408F1A43588DF3793C6A0] - [02/02/2014 16:04:41] - |A| - (.-.) - [9749] - (0.0.0.0) - C:\ul_catalog.21022.08.Microsoft_VC90_ATL_x64.RTM [MD5.378E43013CEAAC08368673B7D9FD97E6] - [02/02/2014 16:04:41] - |A| - (.-.) - [9749] - (0.0.0.0) - C:\ul_catalog.21022.08.Microsoft_VC90_CRT_x64.RTM [MD5.F8ECAB2B5B9DDF2882755ADC0011A52F] - [02/02/2014 16:04:41] - |A| - (.-.) - [9762] - (0.0.0.0) - C:\ul_catalog.21022.08.Microsoft_VC90_MFCLOC_x64.RTM [MD5.17231C39921FDDAC457AAECA2A53788D] - [02/02/2014 16:04:41] - |A| - (.-.) - [9749] - (0.0.0.0) - C:\ul_catalog.21022.08.Microsoft_VC90_MFC_x64.RTM [MD5.427E8A8E4E4FB58211A2049489C3E241] - [02/02/2014 16:04:42] - |A| - (.-.) - [9762] - (0.0.0.0) - C:\ul_catalog.21022.08.Microsoft_VC90_OpenMP_x64.RTM [MD5.0B843655AA7B0B08211CF61DBF19148E] - [02/02/2014 16:04:42] - |A| - (.-.) - [9798] - (0.0.0.0) - C:\ul_catalog.21022.08.policy_9_0_Microsoft_VC90_ATL_x64.RTM [MD5.BAA51153C78683E7E8F18FBD2F2FEBA3] - [02/02/2014 16:04:42] - |A| - (.-.) - [9798] - (0.0.0.0) - C:\ul_catalog.21022.08.policy_9_0_Microsoft_VC90_CRT_x64.RTM [MD5.E5CEB5B826310298CEA55C22AB26DC52] - [02/02/2014 16:04:42] - |A| - (.-.) - [9810] - (0.0.0.0) - C:\ul_catalog.21022.08.policy_9_0_Microsoft_VC90_MFCLOC_x64.RTM [MD5.5F869A9BF9CAF3B793C5C5922EE47A35] - [02/02/2014 16:04:42] - |A| - (.-.) - [9798] - (0.0.0.0) - C:\ul_catalog.21022.08.policy_9_0_Microsoft_VC90_MFC_x64.RTM [MD5.3FD5FF5DA4CBCE06A0EFF4CF86699929] - [02/02/2014 16:04:42] - |A| - (.-.) - [9810] - (0.0.0.0) - C:\ul_catalog.21022.08.policy_9_0_Microsoft_VC90_OpenMP_x64.RTM [30/06/2011 18:01:00] - |RD| - [31505137514] - C:\Users\Christine\Pictures [30/06/2011 18:50:28] - |D| - [31930] - C:\Users\Christine\readmes [30/06/2011 18:01:00] - |SHD| - [0] - C:\Users\Christine\Recent [30/06/2011 18:50:28] - |D| - [4217184] - C:\Users\Christine\redist [30/06/2011 18:01:00] - |RD| - [450] - C:\Users\Christine\Saved Games [30/06/2011 18:06:45] - |RD| - [2416] - C:\Users\Christine\Searches [30/06/2011 18:01:00] - |SHD| - [0] - C:\Users\Christine\SendTo [02/02/2010 19:19:44] - |A| - [453024] - C:\Users\Christine\setup.exe [02/08/2013 19:53:05] - |RD| - [100] - C:\Users\Christine\SkyDrive [14/01/2012 20:01:23] - |D| - [0] - C:\Users\Christine\Tracing [30/06/2011 18:01:00] - |RD| - [504] - C:\Users\Christine\Videos [30/06/2011 18:01:00] - |SHD| - [0] - C:\Users\Christine\Voisinage d'impression [30/06/2011 18:01:00] - |SHD| - [0] - C:\Users\Christine\Voisinage réseau [26/02/2015 21:24:29] - |A| - [2015744] - C:\Users\Christine\ZHPCleaner.exe [14/07/2009 05:20:08] - |RD| - [174482192281] - C:\Users [MD5.06FBA95313F26E300917C6CEA4480890] - [07/11/2007 08:00:40] - |A| - (.-.) - [5686] - (0.0.0.0) - C:\vcredist.bmp [MD5.E2758D09B59904CE852E05C8F2827FAF] - [07/11/2007 08:50:40] - |A| - (.-.) - [1927956] - (0.0.0.0) - C:\VC_RED.cab [MD5.D53737CEA320B066C099894ED1780705] - [07/11/2007 08:53:12] - |A| - (.-.) - [242176] - (0.0.0.0) - C:\VC_RED.MSI [30/06/2011 18:10:30] - |D| - [8599633] - C:\Users\Christine\AppData\Roaming\Adobe [27/04/2013 09:20:43] - |D| - [0] - C:\Users\Christine\AppData\Roaming\aec69a93-8d48-4cc4-b70d-afa08dc205e0ad [27/12/2014 19:42:05] - |D| - [40388598] - C:\Users\Christine\AppData\Roaming\Apple Computer [27/04/2014 11:39:38] - |D| - [1300089] - C:\Users\Christine\AppData\Roaming\AVAST Software [06/11/2011 12:28:22] - |RD| - [0] - C:\Users\Christine\AppData\Roaming\Brother [26/05/2012 19:56:17] - |D| - [41647] - C:\Users\Christine\AppData\Roaming\Cige [30/06/2011 18:01:14] - |D| - [24] - C:\Users\Christine\AppData\Roaming\DigitalPersona [08/07/2011 18:26:30] - |A| - [1854] - C:\Users\Christine\AppData\Roaming\GhostObjGAFix.xml [01/05/2013 20:57:23] - |D| - [0] - C:\Users\Christine\AppData\Roaming\Google [30/06/2011 18:01:27] - |D| - [49969] - C:\Users\Christine\AppData\Roaming\Hewlett-Packard [16/09/2011 18:02:20] - |D| - [159734] - C:\Users\Christine\AppData\Roaming\hpqLog [30/06/2011 18:06:37] - |D| - [0] - C:\Users\Christine\AppData\Roaming\Identities [28/06/2016 09:34:52] - |D| - [0] - C:\Users\Christine\AppData\Roaming\InstallShield [30/06/2011 18:10:33] - |D| - [506] - C:\Users\Christine\AppData\Roaming\Macromedia [02/07/2014 12:13:46] - |D| - [6528260] - C:\Users\Christine\AppData\Roaming\MakeMusic [12/02/2014 08:53:22] - |D| - [89564223] - C:\Users\Christine\AppData\Roaming\Malwarebytes [30/06/2011 18:01:00] - |D| - [0] - C:\Users\Christine\AppData\Roaming\Media Center Programs [30/06/2011 18:01:00] - |SD| - [59473751] - C:\Users\Christine\AppData\Roaming\Microsoft [10/07/2011 18:59:57] - |D| - [35714264] - C:\Users\Christine\AppData\Roaming\Mozilla [29/06/2014 16:49:24] - |D| - [3679] - C:\Users\Christine\AppData\Roaming\MusE [30/06/2011 18:53:19] - |D| - [4404409] - C:\Users\Christine\AppData\Roaming\OpenOffice.org [25/09/2011 11:04:09] - |D| - [6902406] - C:\Users\Christine\AppData\Roaming\Skype [30/06/2011 23:33:19] - |D| - [5311944] - C:\Users\Christine\AppData\Roaming\SoftGrid Client [30/06/2011 23:32:26] - |D| - [0] - C:\Users\Christine\AppData\Roaming\TP [28/12/2013 11:56:13] - |D| - [0] - C:\Users\Christine\AppData\Roaming\Unity [01/02/2014 13:47:48] - |D| - [686] - C:\Users\Christine\AppData\Roaming\vlc [24/12/2013 13:45:06] - |A| - [58] - C:\Users\Christine\AppData\Roaming\WB.CFG [12/11/2011 17:41:22] - |D| - [718] - C:\Users\Christine\AppData\Roaming\WildTangent [16/09/2011 18:01:44] - |D| - [0] - C:\Users\Christine\AppData\Roaming\WinBatch [18/10/2011 19:17:16] - |D| - [295] - C:\Users\Christine\AppData\Roaming\Windows Live Writer [27/12/2014 19:07:18] - |D| - [6105311] - C:\Users\Christine\AppData\Roaming\ZHP [29/07/2011 10:56:36] - |D| - [16781184] - C:\Users\Christine\AppData\Local\Adobe [27/12/2014 14:53:55] - |D| - [0] - C:\Users\Christine\AppData\Local\Apple [28/08/2015 16:37:57] - |D| - [16942144] - C:\Users\Christine\AppData\Local\Apple Computer [16/03/2016 20:05:32] - |D| - [21504] - C:\Users\Christine\AppData\Local\Apple Inc [30/06/2011 18:01:00] - |SHD| - [0] - C:\Users\Christine\AppData\Local\Application Data [24/12/2013 12:49:37] - |D| - [32724] - C:\Users\Christine\AppData\Local\cache [01/07/2011 20:58:19] - |D| - [3353189] - C:\Users\Christine\AppData\Local\CrashDumps [18/10/2011 19:14:40] - |A| - [3584] - C:\Users\Christine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [09/01/2012 21:18:49] - |D| - [0] - C:\Users\Christine\AppData\Local\Deployment [04/07/2011 20:47:45] - |D| - [0] - C:\Users\Christine\AppData\Local\Diagnostics [30/06/2011 18:01:14] - |D| - [0] - C:\Users\Christine\AppData\Local\DigitalPersona [30/06/2011 19:02:16] - |D| - [0] - C:\Users\Christine\AppData\Local\ElevatedDiagnostics [14/11/2014 15:41:35] - |SHD| - [0] - C:\Users\Christine\AppData\Local\EmieBrowserModeList [07/05/2014 19:40:09] - |SHD| - [0] - C:\Users\Christine\AppData\Local\EmieSiteList [07/05/2014 19:40:09] - |SHD| - [0] - C:\Users\Christine\AppData\Local\EmieUserList [19/02/2014 14:40:27] - |D| - [15935999] - C:\Users\Christine\AppData\Local\Facebook [30/06/2011 22:31:45] - |A| - [90488] - C:\Users\Christine\AppData\Local\GDIPFONTCACHEV1.DAT [30/06/2011 18:34:31] - |D| - [399945228] - C:\Users\Christine\AppData\Local\Google [06/06/2015 08:43:53] - |D| - [71] - C:\Users\Christine\AppData\Local\GWX [30/06/2011 18:01:26] - |D| - [7424] - C:\Users\Christine\AppData\Local\Hewlett-Packard [30/06/2011 18:01:17] - |D| - [1764] - C:\Users\Christine\AppData\Local\Hewlett-Packard_Company [30/06/2011 18:01:00] - |SHD| - [0] - C:\Users\Christine\AppData\Local\Historique [30/06/2011 23:49:11] - |AH| - [1567033] - C:\Users\Christine\AppData\Local\IconCache.db [30/06/2011 18:01:00] - |D| - [646767972] - C:\Users\Christine\AppData\Local\Microsoft [30/09/2011 15:39:02] - |D| - [319569] - C:\Users\Christine\AppData\Local\Microsoft Games [26/09/2011 08:10:38] - |D| - [0] - C:\Users\Christine\AppData\Local\Microsoft Help [22/06/2013 12:17:52] - |DC| - [0] - C:\Users\Christine\AppData\Local\MigWiz [19/03/2016 19:48:18] - |D| - [374684761] - C:\Users\Christine\AppData\Local\Mozilla [29/06/2014 16:49:23] - |D| - [1947] - C:\Users\Christine\AppData\Local\MusE [30/06/2011 18:06:53] - |D| - [0] - C:\Users\Christine\AppData\Local\PDFC [24/12/2013 12:44:55] - |D| - [0] - C:\Users\Christine\AppData\Local\Programs [30/06/2011 18:06:18] - |D| - [373] - C:\Users\Christine\AppData\Local\RemEngine [19/03/2016 18:47:28] - |D| - [4887745] - C:\Users\Christine\AppData\Local\Skype [30/06/2011 23:33:20] - |D| - [4587520] - C:\Users\Christine\AppData\Local\SoftGrid Client [05/03/2014 20:43:46] - |D| - [25794838] - C:\Users\Christine\AppData\Local\Temp [30/06/2011 18:01:00] - |SHD| - [0] - C:\Users\Christine\AppData\Local\Temporary Internet Files [07/12/2013 11:45:57] - |D| - [45051] - C:\Users\Christine\AppData\Local\TransMac [22/02/2012 17:01:49] - |D| - [0] - C:\Users\Christine\AppData\Local\Unity [30/06/2011 18:06:34] - |D| - [609558] - C:\Users\Christine\AppData\Local\VirtualStore [25/09/2011 11:31:40] - |D| - [157095721] - C:\Users\Christine\AppData\Local\Windows Live [18/10/2011 19:17:16] - |D| - [648527] - C:\Users\Christine\AppData\Local\Windows Live Writer [06/12/2015 13:15:22] - |D| - [0] - C:\Users\Christine\AppData\Local\{494CCB3B-56F1-4A87-9BDD-3396AC070353} [16/10/2015 16:58:39] - |D| - [0] - C:\Users\Christine\AppData\Local\{E6CCCCF7-F1E8-4526-8165-69EA45D56EA7} [30/06/2011 18:06:45] - |ASH| - [174] - C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [30/06/2011 18:01:00] - |SHD| - [0] - C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [30/06/2011 18:01:00] - |RD| - [35103] - C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [30/06/2011 18:01:00] - |RD| - [14213] - C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [30/06/2011 18:06:45] - |RD| - [174] - C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [30/06/2011 18:06:45] - |ASH| - [476] - C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [30/06/2011 18:06:46] - |A| - [1019] - C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [07/05/2013 20:22:44] - |D| - [3852] - C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lamy [30/06/2011 18:01:00] - |RD| - [580] - C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [19/03/2016 19:59:33] - |A| - [2238] - C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk [19/11/2014 20:21:40] - |D| - [0] - C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pvm [25/12/2013 12:11:11] - |D| - [4955] - C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [30/06/2011 18:06:45] - |RD| - [1275] - C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [07/12/2013 11:45:57] - |D| - [6321] - C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TransMac [30/06/2011 18:06:45] - |ASH| - [174] - C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [19/03/2014 11:56:28] - |A| - [1101] - C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk ---------- | [Public] [14/07/2009 05:20:08] - |RHD| - [20935] - C:\Users\Public\Desktop [14/07/2009 06:54:24] - |ASH| - [174] - C:\Users\Public\desktop.ini [14/07/2009 05:20:08] - |RD| - [278] - C:\Users\Public\Documents [14/07/2009 05:20:08] - |RD| - [174] - C:\Users\Public\Downloads [14/07/2009 05:20:08] - |RHD| - [0] - C:\Users\Public\Favorites [14/07/2009 05:20:08] - |RHD| - [3800] - C:\Users\Public\Libraries [14/07/2009 05:20:08] - |RD| - [17472645] - C:\Users\Public\Music [14/07/2009 05:20:08] - |RD| - [5854793] - C:\Users\Public\Pictures [14/07/2009 09:45:37] - |RD| - [9699328] - C:\Users\Public\Recorded TV [30/06/2011 18:01:29] - |D| - [3798] - C:\Users\Public\Symantec [14/07/2009 05:20:08] - |RD| - [26246732] - C:\Users\Public\Videos ---------- | C:\ProgramData [29/07/2011 10:55:30] - |D| - [441837776] - C:\ProgramData\Adobe [27/12/2014 14:53:41] - |D| - [552838888] - C:\ProgramData\Apple [27/12/2014 14:56:17] - |D| - [104801550] - C:\ProgramData\Apple Computer [14/07/2009 07:08:56] - |SHD| - [62836836273] - C:\ProgramData\Application Data [30/06/2011 18:34:18] - |D| - [40709064] - C:\ProgramData\AVAST Software [02/06/2012 19:07:42] - |D| - [46] - C:\ProgramData\Brother [11/01/2011 05:13:25] - |D| - [2464143] - C:\ProgramData\Corel [14/07/2009 07:08:56] - |SHD| - [20935] - C:\ProgramData\Desktop [14/07/2009 07:08:56] - |SHD| - [278] - C:\ProgramData\Documents [14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Favorites [01/05/2013 20:51:21] - |D| - [12722] - C:\ProgramData\Google [11/01/2011 05:05:37] - |D| - [54920406] - C:\ProgramData\Hewlett-Packard [11/01/2011 05:06:05] - |D| - [1102993] - C:\ProgramData\HPQLOG [11/01/2011 05:11:32] - |D| - [52266] - C:\ProgramData\intel [14/03/2014 08:51:23] - |D| - [1461662] - C:\ProgramData\ma-config.com [11/01/2011 05:05:48] - |D| - [2556389] - C:\ProgramData\Macrovision [02/07/2014 08:13:46] - |D| - [0] - C:\ProgramData\MakeMusic [12/02/2014 08:53:09] - |D| - [17933919] - C:\ProgramData\Malwarebytes [14/07/2009 05:20:08] - |SD| - [1867905596] - C:\ProgramData\Microsoft [26/09/2011 08:10:38] - |D| - [50144] - C:\ProgramData\Microsoft Help [02/08/2013 19:52:51] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [11/01/2011 05:24:04] - |D| - [14267] - C:\ProgramData\Norton [11/01/2011 05:23:26] - |D| - [9149356] - C:\ProgramData\NortonInstaller [16/03/2014 13:16:02] - |D| - [0] - C:\ProgramData\Oracle [21/03/2016 22:01:40] - |D| - [14104430] - C:\ProgramData\Package Cache [11/01/2011 05:17:30] - |D| - [0] - C:\ProgramData\PDFC [20/10/2011 18:30:22] - |D| - [52605] - C:\ProgramData\Recovery [02/08/2013 19:38:53] - |D| - [3211] - C:\ProgramData\regid.1991-06.com.microsoft [27/02/2015 08:48:19] - |D| - [134] - C:\ProgramData\RogueKiller [25/09/2011 11:03:27] - |D| - [171327152] - C:\ProgramData\Skype [14/07/2009 07:08:56] - |SHD| - [319189] - C:\ProgramData\Start Menu [30/06/2011 18:51:06] - |D| - [189] - C:\ProgramData\Sun [12/11/2011 21:30:40] - |D| - [0] - C:\ProgramData\Symantec [11/01/2011 05:13:45] - |AD| - [36864] - C:\ProgramData\Temp [14/07/2009 07:08:56] - |SHD| - [31386] - C:\ProgramData\Templates [01/07/2011 17:28:13] - |D| - [0] - C:\ProgramData\VirtualizedApplications [11/01/2011 05:18:44] - |D| - [2047113821] - C:\ProgramData\WildTangent [11/01/2011 05:17:55] - |HDC| - [5732933] - C:\ProgramData\{0D9D262D-4BA2-4BC3-9CD3-4D1A9AE63E18} [25/01/2014 21:45:16] - |D| - [45529590] - C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 07:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk [14/07/2009 06:49:40] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [11/01/2011 05:17:00] - |A| - [1599] - C:\ProgramData\Microsoft\Windows\Start Menu\HP User Manuals.lnk [11/01/2011 05:16:40] - |A| - [1600] - C:\ProgramData\Microsoft\Windows\Start Menu\HP Warranty.lnk [14/07/2009 05:20:08] - |RD| - [313000] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 06:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 05:20:08] - |RD| - [39296] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [14/07/2009 07:32:38] - |RD| - [21157] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [16/03/2014 13:18:32] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [28/08/2015 16:35:29] - |A| - [2519] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [30/06/2015 17:47:18] - |D| - [1942] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software [05/05/2013 11:41:26] - |D| - [924] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [30/06/2011 18:01:18] - |A| - [2314] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Créez un site web.lnk [14/07/2009 06:54:23] - |ASH| - [1324] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [14/07/2009 07:32:38] - |RD| - [71284] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [30/06/2011 18:35:10] - |A| - [2195] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [11/01/2011 05:05:56] - |RD| - [5119] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [11/01/2011 05:22:27] - |A| - [2254] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Connect Solutions.lnk [25/01/2014 21:52:47] - |D| - [2237] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support [03/06/2016 10:58:09] - |D| - [23378] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud [11/01/2011 05:22:18] - |A| - [2372] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Install HP Power Assistant.lnk [11/01/2011 05:13:29] - |D| - [2056] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterVideo WinDVD [03/06/2016 11:02:30] - |D| - [3923] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [24/09/2014 00:06:49] - |D| - [8299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [14/03/2014 08:51:25] - |D| - [3571] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com [14/07/2009 05:20:08] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [27/02/2015 08:13:19] - |D| - [3685] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [24/07/2009 21:18:04] - |A| - [1345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [25/09/2011 11:25:24] - |D| - [4265] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam [02/08/2013 19:33:44] - |D| - [16980] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 [30/06/2011 23:33:10] - |D| - [14910] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Français) [14/03/2013 04:05:42] - |D| - [2267] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [19/03/2016 20:05:37] - |A| - [1307] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk [19/03/2016 19:48:09] - |A| - [1161] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [29/06/2014 16:49:20] - |D| - [2143] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore [30/06/2011 18:01:18] - |A| - [2107] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicStation.lnk [09/03/2014 19:44:38] - |D| - [6735] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1 [28/06/2016 09:35:32] - |D| - [3461] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100M Genie [30/06/2011 18:51:46] - |SD| - [6522] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.2 [11/01/2011 05:05:17] - |SD| - [3337] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools [11/01/2011 05:17:40] - |D| - [1723] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Complete [19/03/2016 20:05:19] - |A| - [1376] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk [19/11/2014 20:21:40] - |D| - [3785] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pvm [03/04/2016 14:36:10] - |D| - [6700] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [11/01/2011 05:13:58] - |RD| - [4538] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager [15/04/2015 03:12:02] - |D| - [2139] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [14/07/2009 05:20:08] - |RD| - [1323] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [07/01/2012 15:05:56] - |D| - [963] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tarrasch [14/07/2009 06:57:09] - |A| - [1352] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk [24/07/2009 21:17:55] - |A| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [25/09/2011 11:35:40] - |RD| - [5193] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [25/09/2011 11:37:01] - |A| - [1460] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [25/09/2011 11:36:47] - |A| - [2488] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [14/07/2009 06:57:06] - |A| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [02/02/2014 15:33:52] - |D| - [3887] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP [27/12/2014 19:13:09] - |D| - [3887] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHPd ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 06:54:23] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [28/06/2016 09:35:37] - |A| - [1149] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk ---------- | C:\Program Files (x86) [16/03/2014 13:18:18] - |D| - [185854112] - C:\Program Files (x86)\Adobe [03/04/2016 14:41:07] - |D| - [2743854] - C:\Program Files (x86)\Apple Software Update [01/11/2015 11:03:39] - |D| - [631638] - C:\Program Files (x86)\Bonjour [14/07/2009 05:20:08] - |D| - [596243433] - C:\Program Files (x86)\Common Files [14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [09/03/2014 10:29:26] - |D| - [134112] - C:\Program Files (x86)\FileHippo.com [30/06/2011 18:34:31] - |D| - [604631884] - C:\Program Files (x86)\Google [06/02/2015 01:19:56] - |D| - [6925168] - C:\Program Files (x86)\GUM43FE.tmp [04/12/2015 00:06:23] - |D| - [7294832] - C:\Program Files (x86)\GUMF66.tmp [06/02/2015 01:19:56] - |A| - [6103040] - C:\Program Files (x86)\GUT43FF.tmp [04/12/2015 00:06:23] - |A| - [6420480] - C:\Program Files (x86)\GUTF67.tmp [11/01/2011 05:05:19] - |D| - [370297940] - C:\Program Files (x86)\Hewlett-Packard [11/01/2011 05:18:48] - |D| - [593506740] - C:\Program Files (x86)\HP Games [11/01/2011 05:10:19] - |HD| - [52172486] - C:\Program Files (x86)\InstallShield Installation Information [11/01/2011 04:55:30] - |D| - [3891446] - C:\Program Files (x86)\Intel [14/07/2009 05:20:08] - |D| - [10797060] - C:\Program Files (x86)\Internet Explorer [11/01/2011 05:12:49] - |D| - [183046553] - C:\Program Files (x86)\InterVideo [03/06/2016 11:02:00] - |D| - [76267] - C:\Program Files (x86)\iTunes [16/03/2014 13:15:11] - |D| - [127640110] - C:\Program Files (x86)\Java [30/06/2011 18:51:31] - |D| - [16254752] - C:\Program Files (x86)\JRE [07/05/2013 20:22:29] - |D| - [89105010] - C:\Program Files (x86)\LamyCD [27/02/2015 08:13:09] - |D| - [49627721] - C:\Program Files (x86)\Malwarebytes Anti-Malware [11/01/2011 05:23:15] - |D| - [0] - C:\Program Files (x86)\Microsoft [30/06/2011 23:32:34] - |D| - [13140650] - C:\Program Files (x86)\Microsoft Application Virtualization Client [25/09/2011 11:24:49] - |D| - [29375744] - C:\Program Files (x86)\Microsoft LifeCam [11/01/2011 05:16:37] - |D| - [591009] - C:\Program Files (x86)\Microsoft Office [14/03/2013 04:04:34] - |D| - [42886030] - C:\Program Files (x86)\Microsoft Silverlight [02/08/2013 19:53:07] - |D| - [5987320] - C:\Program Files (x86)\Microsoft SkyDrive [25/09/2011 11:37:35] - |D| - [1829877] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [11/01/2011 05:00:38] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET [13/06/2016 12:37:12] - |D| - [97023831] - C:\Program Files (x86)\Mozilla Firefox [19/03/2016 19:48:04] - |D| - [264310] - C:\Program Files (x86)\Mozilla Maintenance Service [02/02/2014 15:57:45] - |D| - [25757] - C:\Program Files (x86)\MSBuild [01/07/2011 21:47:52] - |D| - [0] - C:\Program Files (x86)\MSXML 4.0 [29/06/2014 16:49:14] - |D| - [131003889] - C:\Program Files (x86)\MuseScore [01/11/2014 18:31:40] - |D| - [438784] - C:\Program Files (x86)\MUSICSTATION [28/06/2016 09:35:31] - |D| - [22793742] - C:\Program Files (x86)\NETGEAR [11/01/2011 05:18:36] - |RD| - [1415358] - C:\Program Files (x86)\Online Services [30/06/2011 18:51:26] - |D| - [373069270] - C:\Program Files (x86)\OpenOffice.org 3 [11/01/2011 05:17:36] - |D| - [45444907] - C:\Program Files (x86)\PDF Complete [19/11/2014 20:21:40] - |D| - [412172] - C:\Program Files (x86)\Pvm [03/04/2016 14:35:47] - |D| - [71555370] - C:\Program Files (x86)\QuickTime [11/01/2011 05:10:32] - |D| - [48439191] - C:\Program Files (x86)\Realtek [02/02/2014 15:57:45] - |D| - [39175425] - C:\Program Files (x86)\Reference Assemblies [25/09/2011 11:03:34] - |RD| - [64690971] - C:\Program Files (x86)\Skype [07/01/2012 15:05:56] - |D| - [14604817] - C:\Program Files (x86)\Tarrasch [11/01/2011 05:10:32] - |HD| - [0] - C:\Program Files (x86)\Temp [07/12/2013 11:45:56] - |D| - [9646] - C:\Program Files (x86)\TransMac [14/07/2009 06:57:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [25/12/2013 12:11:11] - |D| - [2232106] - C:\Program Files (x86)\VS Revo Group [14/07/2009 07:32:38] - |D| - [524800] - C:\Program Files (x86)\Windows Defender [25/09/2011 11:35:38] - |D| - [159302903] - C:\Program Files (x86)\Windows Live [14/07/2009 05:20:08] - |D| - [6181376] - C:\Program Files (x86)\Windows Mail [14/07/2009 07:32:38] - |D| - [5024017] - C:\Program Files (x86)\Windows Media Player [14/07/2009 05:20:08] - |D| - [12197556] - C:\Program Files (x86)\Windows NT [14/07/2009 07:32:38] - |D| - [4417800] - C:\Program Files (x86)\Windows Photo Viewer [14/07/2009 07:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices [07/05/2013 20:22:29] - |HD| - [1637] - C:\Program Files (x86)\Zero G Registry [27/12/2014 19:07:18] - |D| - [17766500] - C:\Program Files (x86)\ZHPDiag ---------- | C:\Program Files [27/04/2014 11:38:02] - |D| - [1148713430] - C:\Program Files\AVAST Software [01/11/2015 11:03:39] - |D| - [615046] - C:\Program Files\Bonjour [05/05/2013 11:41:24] - |D| - [18324760] - C:\Program Files\CCleaner [14/07/2009 05:20:08] - |D| - [280461141] - C:\Program Files\Common Files [14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini [14/07/2009 07:32:38] - |D| - [90256916] - C:\Program Files\DVD Maker [01/05/2013 20:51:31] - |D| - [1242232] - C:\Program Files\Google [11/01/2011 05:05:23] - |D| - [139229842] - C:\Program Files\Hewlett-Packard [11/01/2011 05:06:16] - |D| - [1705] - C:\Program Files\hp [14/07/2009 05:20:08] - |D| - [42719695] - C:\Program Files\Internet Explorer [03/06/2016 11:02:00] - |D| - [4170211] - C:\Program Files\iPod [03/06/2016 11:01:59] - |D| - [190501938] - C:\Program Files\iTunes [14/03/2014 08:51:24] - |D| - [12155435] - C:\Program Files\ma-config.com [25/09/2011 11:24:49] - |D| - [34291204] - C:\Program Files\Microsoft LifeCam [30/06/2011 23:32:35] - |D| - [1584815] - C:\Program Files\Microsoft Office [02/08/2013 19:32:21] - |D| - [1965206563] - C:\Program Files\Microsoft Office 15 [14/03/2013 04:04:34] - |D| - [55717262] - C:\Program Files\Microsoft Silverlight [02/02/2014 15:57:41] - |D| - [25757] - C:\Program Files\MSBuild [09/03/2014 19:44:38] - |D| - [3440673] - C:\Program Files\MyDefrag v4.3.1 [11/01/2011 05:22:31] - |RD| - [69569] - C:\Program Files\Online Services [11/01/2011 05:18:39] - |D| - [2178436] - C:\Program Files\PlayReady [11/01/2011 04:55:48] - |D| - [39563392] - C:\Program Files\Realtek [02/02/2014 15:57:41] - |D| - [36834473] - C:\Program Files\Reference Assemblies [14/07/2009 07:09:26] - |HD| - [0] - C:\Program Files\Uninstall Information [14/07/2009 07:32:38] - |D| - [4039680] - C:\Program Files\Windows Defender [25/09/2011 11:35:00] - |D| - [312914] - C:\Program Files\Windows Live [14/07/2009 05:20:08] - |D| - [6667776] - C:\Program Files\Windows Mail [14/07/2009 07:32:38] - |D| - [7687085] - C:\Program Files\Windows Media Player [14/07/2009 05:20:08] - |D| - [12627636] - C:\Program Files\Windows NT [14/07/2009 07:32:38] - |D| - [5516056] - C:\Program Files\Windows Photo Viewer [14/07/2009 07:32:38] - |D| - [244736] - C:\Program Files\Windows Portable Devices [14/07/2009 07:32:38] - |D| - [1179447] - C:\Program Files\Windows Sidebar ---------- | C:\Program Files (x86)\Common Files [16/03/2014 13:18:18] - |D| - [10787107] - C:\Program Files (x86)\Common Files\Adobe [27/12/2014 14:54:35] - |D| - [235242110] - C:\Program Files (x86)\Common Files\Apple [05/12/2015 11:26:52] - |D| - [1534632] - C:\Program Files (x86)\Common Files\AV [30/06/2011 23:32:36] - |D| - [114032] - C:\Program Files (x86)\Common Files\DESIGNER [11/01/2011 05:10:16] - |D| - [3990558] - C:\Program Files (x86)\Common Files\InstallShield [11/01/2011 05:11:48] - |D| - [10915840] - C:\Program Files (x86)\Common Files\Intel [11/01/2011 05:13:11] - |D| - [179248] - C:\Program Files (x86)\Common Files\InterVideo [24/09/2014 00:07:19] - |D| - [1256203] - C:\Program Files (x86)\Common Files\Java [14/07/2009 05:20:08] - |D| - [32782601] - C:\Program Files (x86)\Common Files\microsoft shared [26/10/2012 19:20:39] - |D| - [450] - C:\Program Files (x86)\Common Files\PC Tools [11/01/2011 05:13:11] - |D| - [1677888] - C:\Program Files (x86)\Common Files\Protexis [14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [15/04/2015 03:12:01] - |D| - [2399872] - C:\Program Files (x86)\Common Files\Skype [14/07/2009 05:20:08] - |D| - [41103783] - C:\Program Files (x86)\Common Files\SpeechEngines [19/11/2011 20:10:23] - |D| - [0] - C:\Program Files (x86)\Common Files\Symantec Shared [14/07/2009 05:20:08] - |D| - [10241523] - C:\Program Files (x86)\Common Files\System [25/09/2011 11:31:38] - |D| - [197455140] - C:\Program Files (x86)\Common Files\Windows Live [02/02/2014 13:49:43] - |D| - [46559744] - C:\Program Files (x86)\Common Files\Wise Installation Wizard ---------- | C:\Program Files\Common files [28/08/2015 16:33:37] - |D| - [208265215] - C:\Program Files\Common files\Apple [05/12/2015 11:26:52] - |D| - [1534632] - C:\Program Files\Common files\AV [11/01/2011 05:11:48] - |D| - [13916160] - C:\Program Files\Common files\Intel [14/07/2009 05:20:08] - |D| - [42513245] - C:\Program Files\Common files\Microsoft Shared [14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files\Common files\Services [14/07/2009 05:20:08] - |D| - [608768] - C:\Program Files\Common files\SpeechEngines [14/07/2009 05:20:08] - |D| - [13620419] - C:\Program Files\Common files\System ---------- | Tasks [MD5.EA537CE3E15E2E75B8D84B3B3CE171E9] - [31/07/2015 09:09:52] - |A| - [1002] - C:\Windows\Tasks\Adobe Flash Player Updater.job [MD5.5B7B3041BAEF045DFCD214125BFB570D] - [30/06/2011 18:34:34] - |A| - [1066] - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [MD5.E6EBDDCF5923E9999ECB845D9FBDCB4B] - [30/06/2011 18:34:35] - |A| - [1070] - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.29D6DAE3C255B665435232FBBA475872] - [01/08/2011 09:00:43] - |A| - [352] - C:\Windows\Tasks\HPCeeScheduleForCHRISTINE-HP$.job [MD5.29291BF793FEE75E6F7CC7382BAE9111] - [30/09/2011 15:54:52] - |A| - [348] - C:\Windows\Tasks\HPCeeScheduleForChristine.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 07:08:49] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.A3C362D36A1EDC1D8A8C61AD831658D0] - [14/07/2009 07:08:49] - |A| - [32496] - C:\Windows\Tasks\SCHEDLGU.TXT [MD5.2169DAE6F2527E98B19B04C7730F1AFA] - [26/12/2014 10:52:34] - |A| - [4476] - C:\Windows\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.BC55F8963D17D1CA8C2D746CB88EAB92] - [31/07/2015 09:09:52] - |A| - [3940] - C:\Windows\System32\Tasks\Adobe Flash Player Updater : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.00000000000000000000000000000000] - [03/04/2016 14:41:09] - |D| - [3386] - C:\Windows\System32\Tasks\Apple [MD5.00000000000000000000000000000000] - [05/12/2015 11:26:53] - |D| - [3860] - C:\Windows\System32\Tasks\AVAST Software [MD5.4F64E82A8CB24BF3B4E55B7600D36F4C] - [27/04/2014 11:38:45] - |A| - [4182] - C:\Windows\System32\Tasks\avast! Emergency Update : C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [MD5.0767D6AD720C1DF1DB6C03D714144BC8] - [05/05/2013 11:41:28] - |A| - [2780] - C:\Windows\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.A0579125E6BEEE1A6659E8E53B51569A] - [19/02/2014 14:40:29] - |A| - [3560] - C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1337958871-3204205146-398528937-1001Core : C:\Users\Christine\AppData\Local\Facebook\Update\FacebookUpdate.exe [MD5.CDDECE296EFDFF36655A801F730C1DF2] - [19/02/2014 14:40:30] - |A| - [3928] - C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1337958871-3204205146-398528937-1001UA : C:\Users\Christine\AppData\Local\Facebook\Update\FacebookUpdate.exe [MD5.52D08DF9BF367F44C85B364B67C61D19] - [30/06/2011 18:34:34] - |A| - [3814] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.CD0AF34F2B88621399E33BD71F7E941C] - [30/06/2011 18:34:35] - |A| - [4066] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [11/01/2011 05:15:20] - |D| - [12320] - C:\Windows\System32\Tasks\Hewlett-Packard [MD5.DBD87C972955D436D9D59E491F3160C3] - [30/09/2011 15:54:52] - |A| - [3210] - C:\Windows\System32\Tasks\HPCeeScheduleForChristine : C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [MD5.70C229A8555E9757A9CE653F993415F0] - [01/08/2011 09:00:43] - |A| - [3210] - C:\Windows\System32\Tasks\HPCeeScheduleForCHRISTINE-HP$ : C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [MD5.02F698CD88198D334445E967FE67824C] - [11/01/2011 05:17:59] - |A| - [3184] - C:\Windows\System32\Tasks\HPOSIAPP64 : "%ProgramFiles(x86)%\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe" [MD5.00000000000000000000000000000000] - [14/07/2009 05:20:13] - |D| - [326672] - C:\Windows\System32\Tasks\Microsoft [MD5.C17AFD443BD907B77243B29C6632CA31] - [29/06/2015 17:03:46] - |A| - [2926] - C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_vVX3000_exe : C:\Windows\vVX3000.exe [MD5.51846A239ED92B99BB847FFBBDCE3801] - [09/03/2014 19:44:39] - |A| - [3458] - C:\Windows\System32\Tasks\MyDefrag v4.3.1 Daily : "C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD" [MD5.7E9B936F6BA39DE904201EE913A3F7BC] - [09/03/2014 19:44:40] - |A| - [4138] - C:\Windows\System32\Tasks\MyDefrag v4.3.1 Monthly : "C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD" [MD5.00000000000000000000000000000000] - [30/06/2011 23:32:49] - |D| - [4392] - C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform [MD5.DA8E7867EA9A3FBC9CE56ED372C2D991] - [30/06/2011 18:00:53] - |A| - [3290] - C:\Windows\System32\Tasks\RMCreator : C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [MD5.89B2680B9E67849F8E47C664858A2480] - [30/06/2011 18:36:01] - |A| - [3148] - C:\Windows\System32\Tasks\SidebarExecute : C:\Program Files\Windows Sidebar\sidebar.exe [MD5.FFF5326CFEF29D85FD0EE610A14AB566] - [25/08/2015 20:45:53] - |A| - [3968] - C:\Windows\System32\Tasks\User_Feed_Synchronization-{A5D5D478-A627-4D19-B741-02BAA2F2DB2A} : C:\Windows\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [14/07/2009 07:09:57] - |D| - [4492] - C:\Windows\System32\Tasks\WPD [MD5.5EC4335065F8A1F28FE743BDF15A7350] - [04/01/2014 12:17:29] - |A| - [3278] - C:\Windows\System32\Tasks\{009828A6-45A5-4AF3-9998-28023D1E6CFD} : C:\Windows\system32\pcalua.exe [MD5.CE41734B206919E4A4206FAB16F651AC] - [25/09/2011 11:04:03] - |A| - [2878] - C:\Windows\System32\Tasks\{44023CBA-38D1-4297-B6BE-85C94C1248E6} : C:\Program Files (x86)\Skype\\Phone\Skype.exe [MD5.959ACFA0CD9D3FFAF667F7CAF59A8725] - [24/01/2015 10:47:16] - |A| - [3188] - C:\Windows\System32\Tasks\{593EE562-6D03-41A4-83BE-1DBEB2B696B1} : C:\Windows\system32\pcalua.exe [MD5.57848BE650CFE8C3A55E5F5F740F1675] - [13/05/2012 14:58:00] - |A| - [3166] - C:\Windows\System32\Tasks\{64836E05-AB4E-4185-9488-62883B61EEE7} : "c:\program files (x86)\google\chrome\application\chrome.exe" [MD5.83975CD97F329CD7BB119ECCE3DBD9E7] - [08/05/2013 12:05:36] - |A| - [3176] - C:\Windows\System32\Tasks\{783AB13E-B8C5-44D8-BF6F-692B0CA8DCD2} : C:\Windows\system32\pcalua.exe [MD5.B39278062617868597D1A58CB4B25ED2] - [09/02/2014 19:34:49] - |A| - [3196] - C:\Windows\System32\Tasks\{8972DC80-DB65-41AF-A827-37A1CB828D15} : C:\Windows\system32\pcalua.exe [MD5.68165506F573EB14BF3E1000F88B6942] - [29/01/2014 19:29:17] - |A| - [3316] - C:\Windows\System32\Tasks\{8DCFE8B7-64D7-408A-AF22-0B5C3688EC8A} : C:\Windows\system32\pcalua.exe [MD5.DC48966720836AFE2F7B588E44B1B08F] - [13/05/2012 14:51:59] - |A| - [3174] - C:\Windows\System32\Tasks\{B61017F1-61BB-43D0-A09A-6996295B189E} : "c:\program files (x86)\google\chrome\application\chrome.exe" [MD5.41FA460497B1462BFEEB91A5615F08BC] - [27/12/2014 19:13:16] - |A| - [3168] - C:\Windows\System32\Tasks\{C1233DAF-F170-4433-81EF-C9889C0E8829} : C:\Windows\system32\pcalua.exe [MD5.172D9C0489A80F4107DEEF2E6CF825F1] - [27/12/2014 19:10:24] - |A| - [3168] - C:\Windows\System32\Tasks\{D0690F01-62B7-495A-9E56-8002FFAA9F7D} : C:\Windows\system32\pcalua.exe [MD5.5EC4335065F8A1F28FE743BDF15A7350] - [04/01/2014 12:17:26] - |A| - [3278] - C:\Windows\System32\Tasks\{D17E3D3B-1A26-4DFD-A07D-2F8BD902B877} : C:\Windows\system32\pcalua.exe [MD5.6E4B1754919A602DEA7429D5BF52CA0D] - [26/02/2015 21:51:07] - |A| - [3168] - C:\Windows\System32\Tasks\{D3783A42-3443-4C41-9B92-E60C36D593E9} : C:\Windows\system32\pcalua.exe [MD5.00000000000000000000000000000000] - [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "{B4A2BB22-E68A-4A54-A60B-E486DB0600C4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002| "{7E31A864-EA39-45AC-B03D-7EAD6527652B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe|Name=LifeCam.exe| "{2464CF21-AC82-48F5-A48A-E2AD28B5BC66}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe|Name=LifeCam.exe| "{BFD0AA09-918B-47B1-A7F6-973CD9F2BB18}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe|Name=LifeEnC2.exe| "{17EAC94D-0070-41A9-A4B6-0F93DBF80A45}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe|Name=LifeEnC2.exe| "{05F1E674-08B0-41B0-A5F0-E1660C752AE8}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe|Name=LifeExp.exe| "{03B66A4E-F196-4CAC-9AD5-D6596094EBA0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe|Name=LifeExp.exe| "{F46DB2D7-7A4D-4C69-9812-C4B0CD245045}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe|Name=LifeTray.exe| "{7F70AB77-72E8-4BEB-AE7F-A1CA3A54080E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe|Name=LifeTray.exe| "TCP Query User{8A260F7E-9CE0-4B43-B3C5-5E9CEB52811D}C:\program files (x86)\internet explorer\iexplore.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\internet explorer\iexplore.exe|Name=Internet Explorer|Desc=Internet Explorer| "UDP Query User{3089187E-423F-4DC9-BF37-AF22F4046113}C:\program files (x86)\internet explorer\iexplore.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\internet explorer\iexplore.exe|Name=Internet Explorer|Desc=Internet Explorer| "{6521B898-B838-472F-882F-AD175A74EC00}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Skype\Phone\Skype.exe|Name=Skype| "TCP Query User{91AE7340-3C56-404D-AC87-915C11A5FB13}C:\program files (x86)\lamycd\jre\bin\javaw.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\lamycd\jre\bin\javaw.exe|Name=javaw|Desc=javaw| "UDP Query User{D15D632B-AC5C-4D97-9E2A-00C4A3081DFB}C:\program files (x86)\lamycd\jre\bin\javaw.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\lamycd\jre\bin\javaw.exe|Name=javaw|Desc=javaw| "{E71028B2-130C-4A3B-BEF4-C0D5A63F1657}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Christine\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe|Name=Microsoft SkyDrive| "{3AAA2388-09CD-4FC7-9B2F-F68927A6078C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=48113|RA4=LocalSubnet|RA6=LocalSubnet|Name=maconfig_tcp| "{7F075BF2-79C3-48E1-8ECA-D1B768151599}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=48114|RA4=LocalSubnet|RA6=LocalSubnet|Name=maconfig_tcptls| "{B6D2C928-CD95-4293-A62F-D56EC6246BF3}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\ma-config.com\MaConfigAgent.exe|Name=maconfigagent| "{7F925CCA-D3EE-4908-B3CC-F722286F4FA0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\ma-config.com\MaConfigAgent.exe|Name=maconfigagent| "{C9F37B1C-86CF-499D-A7E9-902C05BEE8B9}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Christine\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe|Name=Facebook Video Calling Plugin|Edge=TRUE| "{8D0C80D6-EEDE-4DDA-8E11-66A15EAFF5EE}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{85EC2915-3339-48FF-A2CD-22D0924158E7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{C6B7B2EB-1F0D-4B70-8026-E00CE2601AD7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{65BAEDED-567F-453E-A54D-CD43E505624D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{ECB51C37-BBE4-4410-8CDE-5D8D8F0326CA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "{48756C6C-D3E1-4033-82C0-70426C42C842}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "{3A9E43F8-DC4A-4AD4-99A6-4F99E17F11E2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe|Name=Windows Live Communications Platform|Edge=TRUE| "{0E803CC8-0062-4AD6-B0FA-7A96B0AD32AD}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (UPnP)| "{B2374D47-0BB7-4F94-83FA-A1B8BE478049}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (SSDP)| "{936F198A-A872-42C4-AA5D-0A3CBA3C0D88}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe|Name=Windows Live Messenger|Edge=TRUE| "{33BE5F1C-7955-4289-904C-46DC1BE7B11E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (igfx) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{04A83FC2-2AE2-4C88-B45F-E9707B377636}] : (aswHwid) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{04A83FC2-2AE2-4C99-B45F-E9707B377636}] : (aswEmHWID2) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{24A0C840-2C3D-4410-8236-8B40816C7B90}] : (aswVmm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{54505F9E-EE66-4F1D-A63B-B853A1759385}] : (SymNetS) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{56EBD688-B772-4181-9610-8633FCEE988D}] : (SymIRON) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5A46010E-C74B-4CB1-A041-D22759FE9F9C}] : (Sftplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (igfx) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7E0006EA-81A8-4780-B0C8-474E2DBF4D63}] : (IDSVia64) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8AE85550-832C-4A9B-81BB-2A49DBEE72B4}] : (aswRvrt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{AB4964A5-4361-4899-BA0A-180305F2BF92}] : (aswTdi) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C4A06E97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [04/06/2009 21:32:52] - (5.1.7.0) - (McAfee, Inc. - SafeBoot FIPS AES Algorithm (256 bit)) - C:\Windows\System32\Drivers\SbAlg.sys [02/02/2010 03:11:36] - (5.2.2.4) - (McAfee, Inc. - McAfee Endpoint Encryption FS Locker) - C:\Windows\System32\Drivers\SbFsLock.sys [02/02/2010 03:11:32] - (0.0.0.0) - ( -) - C:\Windows\System32\Drivers\SafeBoot.sys [27/04/2014 11:38:37] - (10.2.2218.942) - ( -) - C:\Windows\System32\Drivers\aswVmm.sys [27/04/2014 11:38:36] - (10.2.2218.942) - ( -) - C:\Windows\System32\Drivers\aswRvrt.sys [02/02/2010 03:11:34] - (5.2.2.4) - (McAfee, Inc. - McAfee Endpoint Encryption Reserved Files Lock Driver) - C:\Windows\System32\Drivers\RsvLock.SYS [18/06/2016 20:05:45] - (5.1.2.248) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL [27/04/2014 11:38:35] - (10.2.2218.942) - ( -) - C:\Windows\system32\drivers\aswHwid.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - ACPI (Pilote ACPI Microsoft) -> system32\drivers\ACPI.sys R0 - amdxata () -> system32\drivers\amdxata.sys R0 - aswRvrt (avast! Revert) -> (?) R0 - aswVmm (avast! VM Monitor) -> (?) R0 - atapi (Canal IDE) -> system32\drivers\atapi.sys R0 - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys R0 - CNG () -> System32\Drivers\cng.sys R0 - Disk (Pilote de disque) -> system32\drivers\disk.sys R0 - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys R0 - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys S0 - Fs_Rec () -> (?) R0 - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys R0 - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys R0 - intelide () -> system32\drivers\intelide.sys R0 - KSecDD () -> System32\Drivers\ksecdd.sys R0 - KSecPkg () -> System32\Drivers\ksecpkg.sys R0 - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys R0 - msisadrv () -> system32\drivers\msisadrv.sys R0 - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys R0 - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys R0 - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys R0 - pci (Pilote de bus PCI) -> system32\drivers\pci.sys R0 - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys R0 - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys R0 - SafeBoot () -> (?) R0 - SbAlg () -> (?) R0 - SbFsLock () -> (?) R0 - spldr (Security Processor Loader Driver) -> (?) R0 - storflt (@%SystemRoot%\system32\vmstorfltres.dll,-1000) -> system32\drivers\vmstorfl.sys R0 - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys R0 - vdrvroot (Pilote d’énumérateur de lecteur virtuel Microsoft) -> system32\drivers\vdrvroot.sys R0 - vmbus (@%SystemRoot%\system32\vmbusres.dll,-1000) -> system32\drivers\vmbus.sys R0 - volmgr (Pilote du Gestionnaire de volume) -> system32\drivers\volmgr.sys R0 - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys R0 - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys R0 - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys R1 - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys R1 - aswRdr (aswRdr) -> \SystemRoot\system32\drivers\aswRdr2.sys R1 - aswSnx (aswSnx) -> \SystemRoot\system32\drivers\aswSnx.sys R1 - aswSP (aswSP) -> \SystemRoot\system32\drivers\aswSP.sys R1 - Beep (Beep) -> (?) R1 - blbdrive () -> system32\DRIVERS\blbdrive.sys R1 - cdrom (Pilote de CD-ROM) -> \SystemRoot\system32\drivers\cdrom.sys R1 - CSC (@%systemroot%\system32\cscsvc.dll,-202) -> system32\drivers\csc.sys R1 - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys R1 - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys R1 - Msfs () -> (?) R1 - mssmbios (Pilote BIOS de gestion de systèmes Microsoft) -> \SystemRoot\system32\drivers\mssmbios.sys R1 - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys R1 - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys R1 - Npfs () -> (?) R1 - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys R1 - Null () -> (?) R1 - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys R1 - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys R1 - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys R1 - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys R1 - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys R1 - RsvLock () -> (?) R1 - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys R1 - TermDD (Pilote de périphérique terminal) -> \SystemRoot\system32\drivers\termdd.sys R1 - VgaSave () -> \SystemRoot\System32\drivers\vga.sys R1 - vwififlt (Virtual WiFi Filter Driver) -> system32\DRIVERS\vwififlt.sys R1 - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys R1 - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys R2 - AdobeARMservice (Adobe Acrobat Update Service) -> "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" R2 - Apple Mobile Device Service (Apple Mobile Device Service) -> "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" R2 - aswHwid (avast! HardwareID) -> \SystemRoot\system32\drivers\aswHwid.sys R2 - aswMonFlt (aswMonFlt) -> \SystemRoot\system32\drivers\aswMonFlt.sys S2 - aswStm (aswStm) -> \SystemRoot\system32\drivers\aswStm.sys R2 - AudioEndpointBuilder (@%SystemRoot%\system32\audiosrv.dll,-204) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - AudioSrv (@%SystemRoot%\system32\audiosrv.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - avast! Antivirus (Avast Antivirus) -> "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" R2 - BFE (@%SystemRoot%\system32\bfe.dll,-1001) -> %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - BITS (@%SystemRoot%\system32\qmgr.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - Bonjour Service (Service Bonjour) -> "C:\Program Files\Bonjour\mDNSResponder.exe" R2 - ClickToRunSvc (Service Démarrer en clic Microsoft Office) -> "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service S2 - clr_optimization_v4.0.30319_32 (Microsoft .NET Framework NGEN v4.0.30319_X86) -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe S2 - clr_optimization_v4.0.30319_64 (Microsoft .NET Framework NGEN v4.0.30319_X64) -> C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe R2 - CryptSvc (@%SystemRoot%\system32\cryptsvc.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - CscService (@%systemroot%\system32\cscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - cvhsvc (Client Virtualization Handler) -> "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" R2 - DcomLaunch (@oleres.dll,-5012) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - Dhcp (@%SystemRoot%\system32\dhcpcore.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - DiagTrack (@%SystemRoot%\system32\UtcResources.dll,-3001) -> %SystemRoot%\System32\svchost.exe -k utcsvc R2 - Dnscache (@%SystemRoot%\System32\dnsapi.dll,-101) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DpHost (@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128) -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe R2 - DPS (@%systemroot%\system32\dps.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork R2 - eventlog (@%SystemRoot%\system32\wevtsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - EventSystem (@comres.dll,-2450) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - FontCache (@%systemroot%\system32\FntCache.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - gpsvc (@gpapi.dll,-112) -> %windir%\system32\svchost.exe -k GPSvcGroup S2 - gupdate (Service Google Update (gupdate)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc R2 - HP ProtectTools Service (HP ProtectTools Service) -> "c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe" R2 - HP Support Assistant Service (HP Support Assistant Service) -> "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" R2 - HpFkCryptService (Drive Encryption Service) -> "c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe" R2 - HPFSService (File Sanitizer for HP ProtectTools) -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe R2 - IKEEXT (@%SystemRoot%\system32\ikeext.dll,-501) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - iphlpsvc (@%SystemRoot%\system32\iphlpsvc.dll,-500) -> %SystemRoot%\System32\svchost.exe -k NetSvcs R2 - IviRegMgr (IviRegMgr) -> "C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe" R2 - LanmanServer (@%systemroot%\system32\srvsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - LanmanWorkstation (@%systemroot%\system32\wkssvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys R2 - lmhosts (@%SystemRoot%\system32\lmhsvc.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys R2 - MaConfigAgent (Ma-Config Agent) -> "C:\Program Files\ma-config.com\MaConfigAgent.exe" S2 - MMCSS (@%systemroot%\system32\mmcss.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - MpsSvc (@%SystemRoot%\system32\FirewallAPI.dll,-23090) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - MSCamSvc (MSCamSvc) -> "C:\Program Files\Microsoft LifeCam\MSCamS64.exe" R2 - NlaSvc (@%SystemRoot%\System32\nlasvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - nsi (@%SystemRoot%\system32\nsisvc.dll,-200) -> %systemroot%\system32\svchost.exe -k LocalService R2 - PcaSvc (@%SystemRoot%\system32\pcasvc.dll,-1) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - pdfcDispatcher (PDF Document Manager) -> C:\Program Files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService R2 - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys R2 - PlugPlay (@%SystemRoot%\system32\umpnpmgr.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - Power (@%SystemRoot%\system32\umpo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - ProfSvc (@%systemroot%\system32\profsvc.dll,-300) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - PSI_SVC_2 (Protexis Licensing V2) -> "C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" R2 - RpcEptMapper (@%windir%\system32\RpcEpMap.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k RPCSS R2 - RpcSs (@oleres.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k rpcss R2 - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys R2 - SamSs (@%SystemRoot%\system32\samsrv.dll,-1) -> %SystemRoot%\system32\lsass.exe R2 - Schedule (@%SystemRoot%\system32\schedsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - SENS (@%SystemRoot%\system32\Sens.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - sftlist (Application Virtualization Client) -> "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" R2 - ShellHWDetection (@%SystemRoot%\System32\shsvcs.dll,-12288) -> %SystemRoot%\System32\svchost.exe -k netsvcs S2 - SkypeUpdate (Skype Updater) -> "C:\Program Files (x86)\Skype\Updater\Updater.exe" R2 - Spooler (@%systemroot%\system32\spoolsv.exe,-1) -> %SystemRoot%\System32\spoolsv.exe S2 - sppsvc (@%SystemRoot%\system32\sppsvc.exe,-101) -> %SystemRoot%\system32\sppsvc.exe R2 - stisvc (@%SystemRoot%\system32\wiaservc.dll,-9) -> %SystemRoot%\system32\svchost.exe -k imgsvc R2 - SysMain (@%SystemRoot%\system32\sysmain.dll,-1000) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys R2 - Themes (@%SystemRoot%\System32\themeservice.dll,-8192) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - TrkWks (@%SystemRoot%\system32\trkwks.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - UxSms (@%SystemRoot%\system32\dwm.exe,-2000) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - WinDefend (@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103) -> %SystemRoot%\System32\svchost.exe -k secsvcs R2 - Wlansvc (@%SystemRoot%\System32\wlansvc.dll,-257) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - wlidsvc (Windows Live ID Sign-in Assistant) -> "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" R2 - WMPNetworkSvc (@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101) -> "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" R2 - wscsvc (@%SystemRoot%\System32\wscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - WSearch (@%systemroot%\system32\SearchIndexer.exe,-103) -> %systemroot%\system32\SearchIndexer.exe /Embedding R2 - WSWNA3100M (WSWNA3100M) -> C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe R2 - wuauserv (@%systemroot%\system32\wuaueng.dll,-105) -> %systemroot%\system32\svchost.exe -k netsvcs ---------- | System files (Microsoft Files whitelisted) [MD5.2F6B34B83843F0C5118B63AC634F5BF4] - [10/06/2009 22:36:24] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - [479.58 Ko] - (1.6.6.4) - C:\Windows\System32\Drivers\adp94xx.sys [MD5.597F78224EE9224EA1A13D6350CED962] - [13/07/2009 23:59:32] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - [331.58 Ko] - (1.6.6.1) - C:\Windows\System32\Drivers\adpahci.sys [MD5.E109549C90F62FB570B9540C4B148E54] - [13/07/2009 23:59:33] - (.Copyright © 2003 Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) - [178.58 Ko] - (7.2.0.0) - C:\Windows\System32\Drivers\adpu320.sys [MD5.5812713A477A3AD7363C7438CA2EE038] - [14/07/2009 01:19:47] - (.Copyright (C) Acer Laboratories Inc. 2000 - ALi mini IDE Driver.) - [15.08 Ko] - (1.2.0.0) - C:\Windows\System32\Drivers\aliide.sys [MD5.1FF8B4431C353CE385C875F194924C0C] - [14/07/2009 01:19:49] - (.Copyright (C) AMD 2003 - Pilote IDE AMD.) - [15.08 Ko] - (6.1.7600.16385) - C:\Windows\System32\Drivers\amdide.sys [MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - [14/07/2011 10:45:06] - (.Copyright © 2008-2010 AMD, Inc. - AHCI 1.2 Device Driver.) - [105.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdsata.sys [MD5.F67F933E79241ED32FF46A4F29B5120B] - [10/06/2009 22:37:35] - (.2008 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [189.58 Ko] - (3.6.1540.127) - C:\Windows\System32\Drivers\amdsbs.sys [MD5.540DAF1CEA6094886D72126FD7C33048] - [14/07/2011 10:45:06] - (.Copyright © 2008-2010 AMD, Inc. - Storage Filter Driver.) - [26.38 Ko] - (1.1.2.5) - C:\Windows\System32\Drivers\amdxata.sys [MD5.C484F8CEB1717C540242531DB7845C4E] - [13/07/2009 23:59:33] - (.Copyright 2007 Adaptec, Inc. - Adaptec RAID Storport Driver.) - [85.58 Ko] - (5.2.0.10384) - C:\Windows\System32\Drivers\arc.sys [MD5.019AF6924AEFE7839F61C830227FE79C] - [13/07/2009 23:59:33] - (.Copyright 2008 Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - [95.56 Ko] - (5.2.0.16119) - C:\Windows\System32\Drivers\arcsas.sys [MD5.B5B4C90E9F52DA8586F1E5461AD90A5D] - [27/04/2014 11:38:35] - (.-.) - [28.48 Ko] - (10.2.2218.942) - C:\Windows\System32\Drivers\aswHwid.sys [MD5.300CB8E510855189CAD0B72FFB5590CB] - [27/04/2014 11:38:35] - (.Copyright (c) 2014 AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) - [87.84 Ko] - (10.2.2218.942) - C:\Windows\System32\Drivers\aswMonFlt.sys [MD5.6D37D8DB30D086739507C5F6E542656A] - [27/04/2014 11:38:34] - (.Copyright (c) 2014 AVAST Software - avast! WFP Redirect Driver.) - [91.34 Ko] - (10.2.2218.942) - C:\Windows\System32\Drivers\aswRdr2.sys [MD5.07E32DFCA422A2920482D762D01957EC] - [27/04/2014 11:38:36] - (.-.) - [64.2 Ko] - (10.2.2218.942) - C:\Windows\System32\Drivers\aswRvrt.sys [MD5.3B4AC2DBFC86F7247C1FF1FAF2860530] - [27/04/2014 11:38:37] - (.Copyright (c) 2014 AVAST Software - avast! Virtualization Driver.) - [1022.77 Ko] - (10.2.2218.942) - C:\Windows\System32\Drivers\aswSnx.sys [MD5.A04F190FCD762E7BCC9BFC70563C52DB] - [27/04/2014 11:38:36] - (.Copyright (c) 2014 AVAST Software - avast! self protection module.) - [431.9 Ko] - (10.2.2218.945) - C:\Windows\System32\Drivers\aswsp.sys [MD5.6E53278ECCFFBC2ACC2A5006745ED4BB] - [27/04/2014 11:38:38] - (.Copyright (c) 2014 AVAST Software - Stream Filter.) - [134.07 Ko] - (10.2.2218.942) - C:\Windows\System32\Drivers\aswStm.sys [MD5.91782404718C6352C26B3242BAC3F0F1] - [27/04/2014 11:38:37] - (.-.) - [265.87 Ko] - (10.2.2218.942) - C:\Windows\System32\Drivers\aswVmm.sys [MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - [10/06/2009 22:34:23] - (.Copyright 2000-2008, Broadcom Corporation. - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) - [264.5 Ko] - (10.100.4.0) - C:\Windows\System32\Drivers\b57nd60a.sys [MD5.F09EEE9EDC320B5E1501F749FDE686C8] - [14/07/2009 03:19:59] - (.Copyright (C) Brother Industries, Ltd. 2001-2003 - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) - [18 Ko] - (1.10.0.2) - C:\Windows\System32\Drivers\BrFiltLo.sys [MD5.B114D3098E9BDB8BEA8B053685831BE6] - [14/07/2009 03:20:21] - (.Copyright (C) Brother Industries, Ltd. 2001 - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) - [8.5 Ko] - (1.4.0.1) - C:\Windows\System32\Drivers\BrFiltUp.sys [MD5.43BEA8D483BF1870F018E2D02E06A5BD] - [14/07/2009 03:19:06] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Pilote Brother Série I/F (WDM).) - [280 Ko] - (1.0.1.6) - C:\Windows\System32\Drivers\BrSerId.sys [MD5.A6ECA2151B08A09CACECA35C07F05B42] - [14/07/2009 03:20:11] - (.Copyright (C) Brother Industries Ltd.1997-2003 - Brother Serial driver (WDM version).) - [46 Ko] - (1.0.0.20) - C:\Windows\System32\Drivers\BrSerWdm.sys [MD5.B79968002C277E869CF38BD22CD61524] - [14/07/2009 03:20:26] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB MDM Driver.) - [14.63 Ko] - (1.0.0.12) - C:\Windows\System32\Drivers\BrUsbMdm.sys [MD5.A87528880231C54E75EA7A44943B38BF] - [14/07/2009 03:20:15] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB Serial Driver.) - [14.38 Ko] - (1.0.1.3) - C:\Windows\System32\Drivers\BrUsbSer.sys [MD5.3E5B191307609F7514148C6832BB0842] - [10/06/2009 22:34:28] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [457.5 Ko] - (4.8.2.0) - C:\Windows\System32\Drivers\bxvbda.sys [MD5.E19D3F095812725D88F9001985B94EDD] - [14/07/2009 01:19:48] - (.Copyright (C) CMD Technology, Inc. 1999-2000 - CMD PCI IDE Bus Driver.) - [17.08 Ko] - (2.0.7.0) - C:\Windows\System32\Drivers\cmdide.sys [MD5.A398ED024F739E7BE74ECFFA8A713A89] - [02/03/2010 01:59:50] - (.-.) - [23.8 Ko] - (0.0.0.0) - C:\Windows\System32\Drivers\cpqdfw.sys [MD5.10FB0FF62AF6262BF88E3607E2AE2A69] - [02/03/2010 01:59:50] - (.-.) - [23.8 Ko] - (0.0.0.0) - C:\Windows\System32\Drivers\cqcpu.sys [MD5.A8BA4DA23AC20BDA23CA15234D42A3FA] - [21/10/2009 23:37:52] - (.Copyright (C) 2008 Hewlett-Packard Development Company L.P.2009 - HP Device Access Manager for ProtectTools Driver.) - [39.8 Ko] - (5.0.0.6) - C:\Windows\System32\Drivers\DAMDrv64.sys [MD5.0E5DA5369A0FCAEA12456DD852545184] - [10/06/2009 22:36:49] - (.Copyright © 2003-2009 Emulex - Storport Miniport Driver for LightPulse HBAs.) - [518.06 Ko] - (7.2.10.211) - C:\Windows\System32\Drivers\elxstor.sys [MD5.DC5D737F51BE844D8C82C695EB17372F] - [10/06/2009 22:34:33] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) - [3209 Ko] - (4.8.13.0) - C:\Windows\System32\Drivers\evbda.sys [MD5.F2523EF6460FC42405B12248338AB2F0] - [14/07/2009 00:53:43] - (.Copyright ©2007-2009 Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) - [30.5 Ko] - (1.31.27127.0) - C:\Windows\System32\Drivers\hcw85cir.sys [MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - [17/05/2013 18:00:12] - (.Copyright (c) 2004-2010 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [76.88 Ko] - (6.12.6.64) - C:\Windows\System32\Drivers\HpSAMD.sys [MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - [14/07/2011 10:45:06] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [400.88 Ko] - (8.6.2.1014) - C:\Windows\System32\Drivers\iaStorV.sys [MD5.D926F1C76A78A69A154187CEB487E863] - [16/10/2010 05:28:42] - (.Copyright (c) 1998-2006 Intel Corporation. - Intel Graphics Kernel Mode Driver.) - [10370.41 Ko] - (8.15.10.2226) - C:\Windows\System32\Drivers\igdkmd64.sys [MD5.5C18831C61933628F5BB0EA2675B9D21] - [13/07/2009 23:59:33] - (.Copyright © 2002-05 Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - [43.08 Ko] - (5.4.22.0) - C:\Windows\System32\Drivers\iirsp.sys [MD5.DD587A55390ED2295BCE6D36AD567DA9] - [11/01/2011 05:51:16] - (.Copyright(C) 2008 Intel Corporation - Intel(R) Turbo Boost Technology Driver.) - [155.25 Ko] - (1.2.0.1002) - C:\Windows\System32\Drivers\Impcd.sys [MD5.1A93E54EB0ECE102495A51266DCDB6A6] - [13/07/2009 23:59:34] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT FC Driver (StorPort).) - [112.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_fc.sys [MD5.1047184A9FDC8BDBFF857175875EE810] - [13/07/2009 23:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SAS Driver (StorPort).) - [104.06 Ko] - (1.28.3.52) - C:\Windows\System32\Drivers\lsi_sas.sys [MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - [13/07/2009 23:59:34] - (.Copyright © LSI Corporation 2009 - LSI SAS Gen2 Driver (StorPort).) - [64.06 Ko] - (2.0.2.71) - C:\Windows\System32\Drivers\lsi_sas2.sys [MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - [13/07/2009 23:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SCSI Driver (StorPort).) - [113.06 Ko] - (1.28.3.67) - C:\Windows\System32\Drivers\lsi_scsi.sys [MD5.CA43F8904E24BBE49982E4C0B29E6579] - [27/02/2015 08:13:10] - (.© Malwarebytes Corporation. - Malwarebytes Anti-Malware.) - [25.21 Ko] - (0.1.15.0) - C:\Windows\System32\Drivers\mbam.sys [MD5.478CC94C937D235CB0A96AB8F2359D81] - [27/02/2015 08:13:11] - (.© Malwarebytes Corporation. - Malwarebytes Chameleon Protection Driver.) - [91.21 Ko] - (1.1.4.0) - C:\Windows\System32\Drivers\mbamchameleon.sys [MD5.26C43960C99EE861A5D0EDC4DCF3B1C3] - [27/02/2015 08:14:46] - (.© Malwarebytes Corporation. - Malwarebytes Anti-Malware.) - [126.71 Ko] - (0.2.13.0) - C:\Windows\System32\Drivers\MBAMSwissArmy.sys [MD5.A55805F747C6EDB6A9080D7C633BD0F4] - [10/06/2009 22:37:14] - (.Copyright © LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64.) - [34.56 Ko] - (4.5.1.64) - C:\Windows\System32\Drivers\megasas.sys [MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - [13/07/2009 23:59:33] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [278.06 Ko] - (13.5.409.2009) - C:\Windows\System32\Drivers\MegaSR.sys [MD5.A646C2DDB8C46E9B20A326FAF566646C] - [27/02/2015 08:13:11] - (.© Malwarebytes Corporation. - Malwarebytes Web Access Control.) - [62.21 Ko] - (1.0.6.0) - C:\Windows\System32\Drivers\mwac.sys [MD5.EE00C544C025958AF50C7B199F3C8595] - [16/01/2015 17:22:32] - (.Copyright (C) 2009 Apple Inc. - Apple Mobile Device Ethernet.) - [22.5 Ko] - (1.8.5.1) - C:\Windows\System32\Drivers\netaapl64.sys [MD5.77889813BE4D166CDAB78DDBA990DA92] - [13/07/2009 23:59:33] - (.(C) Copyright IBM Corp. 1994, 2002. - IBM ServeRAID Controller Driver.) - [50.06 Ko] - (7.10.0.0) - C:\Windows\System32\Drivers\nfrd960.sys [MD5.0A92CB65770442ED0DC44834632F66AD] - [14/07/2011 10:45:06] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [144.88 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvraid.sys [MD5.DAB0E87525C10052BF65F06152F37E4A] - [14/07/2011 10:45:06] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.38 Ko] - (10.6.0.18) - C:\Windows\System32\Drivers\nvstor.sys [MD5.DC3FA0B732B5EF07C0CDE1682F6D0824] - [11/01/2011 05:19:53] - (.© OEM 1998-2008. - Device Driver for Parallel Port.) - [96 Ko] - (7.0.0.8) - C:\Windows\System32\Drivers\OxPPort.sys [MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - [10/06/2009 22:37:36] - (.Copyright © QLogic Corporation 1996-2009 - QLogic Fibre Channel Stor Miniport Driver.) - [1489.08 Ko] - (9.1.8.6) - C:\Windows\System32\Drivers\ql2300.sys [MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - [13/07/2009 23:59:34] - (.© QLogic Corporation. - QLogic iSCSI Storport Miniport Driver.) - [125.58 Ko] - (2.1.3.20) - C:\Windows\System32\Drivers\ql40xx.sys [MD5.26E0D15FB1835F7ED638F157CCD2E04D] - [02/02/2010 03:11:34] - (.Copyright © 1991-2009 McAfee, Inc. - McAfee Endpoint Encryption Reserved Files Lock Driver.) - [56.82 Ko] - (5.2.2.4) - C:\Windows\System32\Drivers\RsvLock.sys [MD5.47032C855DDCB5AD7236286689EDE288] - [11/01/2011 05:51:21] - (.Copyright (C) 2010 Realtek Semiconductor Corporation. All Right Reserved. - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver .) - [341.6 Ko] - (7.27.920.2010) - C:\Windows\System32\Drivers\Rt64win7.sys [MD5.68E799ADC93086EA170D3314DF23BEDB] - [20/09/2011 11:53:34] - (.Copyright (c) Realtek Semiconductor Corp.1998-2012 - Realtek(r) High Definition Audio Function Driver.) - [3002.6 Ko] - (6.0.1.6463) - C:\Windows\System32\Drivers\RTKVHD64.sys [MD5.BCC2DF3F465FFA72C9E91EC69713B4F1] - [28/06/2016 09:35:46] - (.Copyright (C) 2014 Realtek Semiconductor Corporation - Realtek WLAN USB NDIS Driver 30014.) - [3329.2 Ko] - (1026.13.625.2014) - C:\Windows\System32\Drivers\rtwlanu.sys [MD5.D41D8CD98F00B204E9800998ECF8427E] - [02/02/2010 03:11:32] - (.-.) - [55.32 Ko] - (0.0.0.0) - C:\Windows\System32\Drivers\SafeBoot.sys [MD5.FD8714A36C4646DE22DDC7E36F6D09EF] - [04/06/2009 21:32:52] - (.Copyright © 1991-2008 McAfee, Inc. - SafeBoot FIPS AES Algorithm (256 bit).) - [58.75 Ko] - (5.1.7.0) - C:\Windows\System32\Drivers\SbAlg.sys [MD5.43027F1996F3AC6BD54B8A871996B7B3] - [02/02/2010 03:11:36] - (.Copyright © 1991-2009 McAfee, Inc. - McAfee Endpoint Encryption FS Locker.) - [15.32 Ko] - (5.2.2.4) - C:\Windows\System32\Drivers\SbFsLock.sys [MD5.A041ED242D6D291A77475AE0459627A1] - [02/02/2010 03:11:38] - (.Copyright © 1991-2009 McAfee, Inc. - McAfee Endpoint Encryption Hibernation Filter.) - [14.82 Ko] - (5.2.2.4) - C:\Windows\System32\Drivers\SbHiber.sys [MD5.3EA8A16169C26AFBEB544E0E48421186] - [14/07/2009 04:36:07] - (.© 2006 Macrovision Corporation - Macrovision SECURITY Driver.) - [22.5 Ko] - (4.3.86.0) - C:\Windows\System32\Drivers\secdrv.sys [MD5.C1D8E28B2C2ADFAEC4BA89E9FDA69BD6] - [14/07/2009 02:00:40] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Pilote Brother Série I/F (WDM).) - [92 Ko] - (6.1.7600.16385) - C:\Windows\System32\Drivers\serial.sys [MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - [10/06/2009 22:37:40] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [42.56 Ko] - (5.1.1039.2600) - C:\Windows\System32\Drivers\sisraid2.sys [MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - [13/07/2009 23:59:33] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [78.58 Ko] - (5.1.1039.3600) - C:\Windows\System32\Drivers\sisraid4.sys [MD5.F3817967ED533D08327DC73BC4D5542A] - [13/07/2009 23:59:33] - (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) - [24.08 Ko] - (5.0.1.1) - C:\Windows\System32\Drivers\stexstor.sys [MD5.531121E7ED50084B493A69F8F8A7A927] - [27/02/2015 08:48:26] - (.-.) - [36.74 Ko] - (1.0.3.0) - C:\Windows\System32\Drivers\TrueSight.sys [MD5.F957092C63CD71D85903CA0D8370F473] - [10/06/2015 23:08:36] - (.© Apple, Inc. - Apple Mobile Device USB Driver.) - [53.5 Ko] - (1.67.0.0) - C:\Windows\System32\Drivers\usbaapl64.sys [MD5.E5689D93FFE4E5D66C0178761240DD54] - [14/07/2009 01:19:50] - (.Copyright (C) VIA Technologies, Inc. 2000-2007 - VIA Generic PCI IDE Bus Driver.) - [17.08 Ko] - (6.0.6000.170) - C:\Windows\System32\Drivers\viaide.sys [MD5.5E2016EA6EBACA03C04FEAC5F330D997] - [10/06/2009 22:37:58] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [158.08 Ko] - (6.0.6000.6210) - C:\Windows\System32\Drivers\vsmraid.sys [MD5.6C50ADED23D160C95FC9859748C253DD] - [02/02/2010 03:11:24] - (.Copyright © 1991-2009 McAfee, Inc. - McAfee Endpoint Encryption Reserved Files Lock Driver.) - [39.15 Ko] - (5.2.2.4) - C:\Windows\Syswow64\Drivers\rsvlock.sys [MD5.31B48CB3D35D076291E3B8AFD9A7F203] - [02/02/2010 03:11:22] - (.Copyright © 1991-2009 McAfee, Inc. - McAfee Endpoint Encryption Driver.) - [107.93 Ko] - (5.2.2.4) - C:\Windows\Syswow64\Drivers\SafeBoot.sys [MD5.67215032A3039E5B78BBBBB4F21B904E] - [02/02/2010 03:11:46] - (.Copyright © 1991-2008 McAfee, Inc. - SafeBoot FIPS AES Algorithm (256 bit).) - [50.59 Ko] - (5.1.7.0) - C:\Windows\Syswow64\Drivers\SbAlg.sys [MD5.CD8E12BB9B16C55DEF2AC52B78A09F09] - [02/02/2010 03:11:28] - (.Copyright © 1991-2009 McAfee, Inc. - McAfee Endpoint Encryption FS Locker.) - [12.95 Ko] - (5.2.2.4) - C:\Windows\Syswow64\Drivers\SbFsLock.sys [MD5.5071D2D58E72DCF57591D1F1CFFB75AB] - [02/02/2010 03:11:30] - (.Copyright © 1991-2009 McAfee, Inc. - McAfee Endpoint Encryption Hibernation Filter.) - [10.96 Ko] - (5.2.2.4) - C:\Windows\Syswow64\Drivers\SbHiber.sys ---------- | Uninstall [HKU\S-1-5-21-1337958871-3204205146-398528937-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Critical Security Update] : (Critical Security Update.-.JNLP) -> C:\Windows\system32\javaws.exe -uninstall -prompt "http://kp.4ravent.info/3c2b034b67d38be22d7d888220df84a4/79b52c6f7b8ca433556ed03745389bca.jnlp" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe" [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HPProtectTools] : (HP ProtectTools Security Manager.-.Hewlett-Packard) -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\setup.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MyDefrag v4.3.1_is1] : (MyDefrag v4.3.1.-.J.C. Kessels) -> "C:\Program Files\MyDefrag v4.3.1\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}] : (Apple Mobile Device Support.-.Apple Inc.) -> MsiExec.exe /I{2E4AF2A6-50EA-4260-9BA4-5E582D11879A} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{34E6F14D-68F9-486D-87BA-6AA8431F3F44}] : (Drive Encryption for HP ProtectTools.-.Hewlett-Packard) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4E993C43-8E89-46A2-A89C-54A0CB5421DA}] : (Ma-Config.com (64 bits).-.Cybelsoft) -> MsiExec.exe /X{4E993C43-8E89-46A2-A89C-54A0CB5421DA} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{55B52830-024A-443E-AF61-61E1E71AFA1B}] : (Device Access Manager for HP ProtectTools.-.Hewlett-Packard) -> MsiExec.exe /X{55B52830-024A-443E-AF61-61E1E71AFA1B} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{56DDDFB8-7F79-4480-89D5-25E1F52AB28F} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}] : (iTunes.-.Apple Inc.) -> MsiExec.exe /I{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A1DC4DF6-7493-45B2-B8AA-0A8805866CB9}] : (HP ProtectTools Security Manager.-.Hewlett-Packard) -> MsiExec.exe /X{A1DC4DF6-7493-45B2-B8AA-0A8805866CB9} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}] : (iCloud.-.Apple Inc.) -> MsiExec.exe /I{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}] : (Apple Application Support (64 bits).-.Apple Inc.) -> MsiExec.exe /I{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}] : (HP Auto.-.Hewlett-Packard Company) -> MsiExec.exe /I{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D79A02E9-6713-4335-9668-AAC7474C0C0E}] : (HP Vision Hardware Diagnostics.-.Hewlett-Packard) -> MsiExec.exe /X{D79A02E9-6713-4335-9668-AAC7474C0C0E} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] : (Adobe Flash Player 22 ActiveX.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_210_ActiveX.exe -maintain activex [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Avast] : (Avast Free Antivirus.-.AVAST Software) -> C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Drive Encryption] : (Drive Encryption for HP ProtectTools.-.Hewlett-Packard) -> msiexec.exe /i {34E6F14D-68F9-486D-87BA-6AA8431F3F44} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FileHippo.com] : (FileHippo.com Update Checker.-.) -> "C:\Program Files (x86)\FileHippo.com\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\Installer\setup.exe" --uninstall --multi-install --chrome --system-level [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\HP Keyboard_is1] : (HP Desktop Keyboard.-.Hewlett-Packard) -> "C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\HP Remote Solution] : (HP Remote Solution.-.Hewlett-Packard) -> "C:\ProgramData\{0D9D262D-4BA2-4BC3-9CD3-4D1A9AE63E18}\HP_Remote_Solution_Install.exe" REMOVE=TRUE MODIFY=FALSE [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}] : (InterVideo WinDVD 8.-.InterVideo Inc.) -> "C:\Program Files (x86)\InstallShield Installation Information\{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}\setup.exe" -runfromtemp -l0x0409 -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Lamy CD-Rom] : (Lamy CD-Rom.-.) -> "C:\Program Files (x86)\LamyCD\Uninstaller.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] : (Malwarebytes Anti-Malware version 2.0.4.1028.-.Malwarebytes Corporation) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 47.0 (x86 fr)] : (Mozilla Firefox 47.0 (x86 fr).-.Mozilla) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MuseScore] : (MuseScore 1.3.-.Werner Schweer and Others) -> C:\Program Files (x86)\MuseScore\Uninstall.exe [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\My HP Game Console] : (HP Game Console.-.WildTangent) -> "C:\Program Files (x86)\HP Games\HP Game Console\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PDF Complete] : (PDF Complete Special Edition.-.PDF Complete, Inc) -> C:\Program Files (x86)\PDF Complete\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Tarrasch Chess GUI_is1] : (Tarrasch Chess GUI V2.00a.-.Triple Happy Ltd.) -> "C:\Program Files (x86)\Tarrasch\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangent hp Master Uninstall] : (HP Games.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-genres] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-main] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Game Explorer Categories - main\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-clubpenguin] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Web Link - Club Penguin\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-darkorbit] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Web Link - Dark Orbit\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-seafight] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Web Link - Seafight\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-shaiya] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Web Link - Shaiya\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-worldofwarcraft] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\HP Games\Web Link - World of Warcraft\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT087330] : (Bounce Symphony.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Bounce Symphony\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT087361] : (FATE.-.WildTangent) -> "C:\Program Files (x86)\HP Games\FATE\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT087380] : (John Deere Drive Green.-.WildTangent) -> "C:\Program Files (x86)\HP Games\John Deere Drive Green\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT087394] : (Penguins!.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Penguins!\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT087396] : (Polar Bowler.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Polar Bowler\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT087428] : (Bejeweled 2 Deluxe.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT087453] : (Chuzzle Deluxe.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT087480] : (Insaniquarium Deluxe.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Insaniquarium Deluxe\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT087485] : (Jewel Quest II.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Jewel Quest II\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT087490] : (Jewel Quest Solitaire.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Jewel Quest Solitaire\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT087501] : (Plants vs. Zombies.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Plants vs. Zombies\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT087510] : (Slingo Deluxe.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Slingo Deluxe\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT087513] : (Virtual Villagers - The Secret City.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT087519] : (Wedding Dash.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Wedding Dash\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT087533] : (Zuma Deluxe.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Zuma Deluxe\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT087536] : (Diner Dash 2 Restaurant Rescue.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT089303] : (Build-a-Lot - The Elizabethan Era.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Build-a-Lot - The Elizabethan Era\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT089308] : (Blasterball 3.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Blasterball 3\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT089328] : (Farm Frenzy.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Farm Frenzy\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT089359] : (Cake Mania.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Cake Mania\Uninstall.exe" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WT089362] : (Agatha Christie - Peril at End House.-.WildTangent) -> "C:\Program Files (x86)\HP Games\Agatha Christie - Peril at End House\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ZHPDiag_is1] : (ZHPDiag 2014.-.Nicolas Coolman) -> "C:\Program Files (x86)\ZHPDiag\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{05BA6A83-C7A7-4F85-88F1-150142305229}] : (HP Setup.-.Hewlett-Packard Company) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{05BA6A83-C7A7-4F85-88F1-150142305229}\setup.exe" -l0x9 -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07FA4960-B038-49EB-891B-9F95930AA544}] : (HP Customer Experience Enhancements.-.Hewlett-Packard) -> MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}] : (Google Toolbar for Internet Explorer.-.Google Inc.) -> MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2091F234-EB58-4B80-8C96-8EB78C808CF7}] : (Facebook Video Calling 3.1.0.521.-.Skype Limited) -> MsiExec.exe /X{2091F234-EB58-4B80-8C96-8EB78C808CF7} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] : (Google Toolbar for Internet Explorer.-.Google Inc.) -> "C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_F3B2E431EE169D71.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}] : (Skype™ 7.0.-.Skype Technologies S.A.) -> MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26356515-5821-40FA-9C3D-9785052A1062}] : (Apple Application Support (32 bits).-.Apple Inc.) -> MsiExec.exe /I{26356515-5821-40FA-9C3D-9785052A1062} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F03217067FB}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217051FF}] : (Java 7 Update 67.-.Oracle) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217051FF} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217055FB}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}] : (Recovery Manager.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4EE2EF4B-25D3-4D44-8384-A2B96F811F55}] : (OpenOffice.org 3.2.-.OpenOffice.org) -> MsiExec.exe /I{4EE2EF4B-25D3-4D44-8384-A2B96F811F55} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{56EC47AA-5813-4FF6-8E75-544026FBEA83}] : (Apple Software Update.-.Apple Inc.) -> MsiExec.exe /I{56EC47AA-5813-4FF6-8E75-544026FBEA83} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}] : (InterVideo WinDVD 8.-.InterVideo Inc.) -> "C:\Program Files (x86)\InstallShield Installation Information\{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}\setup.exe" -runfromtemp -l0x0409 [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}] : (swMSM.-.Adobe Systems, Inc) -> MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}] : (File Sanitizer For HP ProtectTools.-.Hewlett-Packard) -> MsiExec.exe /I{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F340107-F9AA-47C6-B54C-C3A19F11553F}] : (Hewlett-Packard ACLM.NET v1.2.2.3.-.Hewlett-Packard Company) -> MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}] : (HP Support Information.-.Hewlett-Packard) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824191728}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824191728} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AB0000000001}] : (Adobe Reader XI (11.0.17) - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AB0000000001} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}] : (HP MAINSTREAM KEYBOARD.-.Hewlett-Packard) -> C:\Program Files (x86)\InstallShield Installation Information\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}\setup.exe -runfromtemp -l0x0009 -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B8AC1A89-FFD1-4F97-8051-E505A160F562}] : (HP Odometer.-.Hewlett-Packard) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BE1C9464-DEBB-4DA6-B19A-8EC634F22D73}] : (HP Connect Solutions.-.Hewlett-Packard) -> MsiExec.exe /X{BE1C9464-DEBB-4DA6-B19A-8EC634F22D73} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C611CF88-969D-43E6-A877-D6D6439DD081}] : (HP Remote Solution.-.Hewlett-Packard) -> C:\ProgramData\{0D9D262D-4BA2-4BC3-9CD3-4D1A9AE63E18}\HP_Remote_Solution_Install.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D3580358-0F78-402A-BE53-2E9D06383E04}] : (NETGEAR WNA3100M N300 Wireless USB Adapter.-.NETGEAR) -> C:\Program Files (x86)\InstallShield Installation Information\{D3580358-0F78-402A-BE53-2E9D06383E04}\setup.exe -runfromtemp -l0x040c -removeonly -PanelRemove [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}] : (HP Support Assistant.-.Hewlett-Packard Company) -> "C:\Program Files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe" -runfromtemp -l0x0409 -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] : (Intel(R) Graphics Media Accelerator Driver.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}] : (QuickTime 7.-.Apple Inc.) -> MsiExec.exe /I{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C} ---------- | Installer [HKCR\Installer\Products\00005109C80000000000000000F01FEC] : Office 15 Click-to-Run Extensibility Component [HKCR\Installer\Products\00005109C800C0400000000000F01FEC] : Office 15 Click-to-Run Localization Component [HKCR\Installer\Products\00005109F80000000100000000F01FEC] : Office 15 Click-to-Run Licensing Component [HKCR\Installer\Products\03825B55A420E344FA16161E7EA1AFB1] : Device Access Manager for HP ProtectTools -> c:\Windows\Installer\{55B52830-024A-443E-AF61-61E1E71AFA1B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0AB19942EE0FDA44C98CE55CA0CE6F7B] : Skype™ 7.0 -> C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe [HKCR\Installer\Products\18555481990E8AB4CBB63FB4F26006C0] : Google Toolbar for Internet Explorer [HKCR\Installer\Products\30FDA6D6752B5AE4BB1CD141A58F5D41] : File Sanitizer For HP ProtectTools -> c:\Windows\Installer\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}\ARPPRODUCTICON.exe [HKCR\Installer\Products\31B3A53EDC877694A88CAAF9AD96E3ED] : HP Support Assistant -> C:\Windows\Installer\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\34C399E498E82A648AC9450ABC4512AD] : Ma-Config.com (64 bits) -> C:\Windows\Installer\{4E993C43-8E89-46A2-A89C-54A0CB5421DA}\maconfico [HKCR\Installer\Products\3551562C3AC622842B6ECBA4ACE6E02A] : Apple Application Support (64 bits) -> C:\Windows\Installer\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}\WinInstall.ico [HKCR\Installer\Products\4649C1EBBBED6AD41BA9E86C432FD237] : HP Connect Solutions -> c:\Windows\Installer\{BE1C9464-DEBB-4DA6-B19A-8EC634F22D73}\HPConnectSolutionsIcon [HKCR\Installer\Products\4EA42A62D9304AC4784BF238120715FF] : Java 7 Update 67 [HKCR\Installer\Products\4F11A2F78EAE523438CE3E9EF95861E9] : HP Support Information [HKCR\Installer\Products\515653621285AF04C9D3795850A20126] : Apple Application Support (32 bits) -> C:\Windows\Installer\{26356515-5821-40FA-9C3D-9785052A1062}\WinInstall.ico [HKCR\Installer\Products\52744B0D6663D294EB6F85A741DBB99D] : MSVCRT_amd64 [HKCR\Installer\Products\57DB95FFA664A5D4DA32AA8DC7F54DC4] : QuickTime 7 -> C:\Windows\Installer\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}\Installer.ico [HKCR\Installer\Products\68AB67CA408033019195008142917182] : Adobe Refresh Manager -> C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824191728}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744BA0000000010] : Adobe Reader XI (11.0.17) - Français -> C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico [HKCR\Installer\Products\69A46712847638B4987EA70536FB51C6] : Movie Maker [HKCR\Installer\Products\6A2FA4E2AE050624B94AE585D21178A9] : Apple Mobile Device Support -> C:\Windows\Installer\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}\Installer.ico [HKCR\Installer\Products\6E8A266FCD4F2A1409E1C8110F44DBCE] : MSXML 4.0 SP2 (KB973688) [HKCR\Installer\Products\6FD4CD1A39472B548BAAA0885068C69B] : HP ProtectTools Security Manager -> c:\Windows\Installer\{A1DC4DF6-7493-45B2-B8AA-0A8805866CB9}\ARPPRODUCTICON.exe [HKCR\Installer\Products\746BDFDA0C534524E96ED2C9B31740DB] : iCloud -> C:\Windows\Installer\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}\ARP.ico [HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10 [HKCR\Installer\Products\7C43C21609E58D74B9C5F017D78D7262] : swMSM -> C:\Windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe [HKCR\Installer\Products\807E9EB00CD53694C9DFA05A9190E097] : Junk Mail filter update [HKCR\Installer\Products\864FBEF52CA566C4DA08FD580C58AA37] : WinDVD -> C:\Windows\Installer\{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8BFDDD6597F70844985D521E5FA22BF8] : Bonjour -> C:\Windows\Installer\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}\Bonjour.ico [HKCR\Installer\Products\8CDD41E806AE81E43B3E917301D4B5AD] : MSVCRT110 [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper [HKCR\Installer\Products\958FB4F94A3C6BA4DB1DC9D585815889] : iTunes -> C:\Windows\Installer\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}\Installer.ico [HKCR\Installer\Products\98A1CA8B1DFF79F408155E501A065F26] : HP Odometer [HKCR\Installer\Products\99E80CA9B0328e74791254777B1F42AE] : [HKCR\Installer\Products\9E20A97D317653346986AA7C74C4C0E0] : HP Vision Hardware Diagnostics -> c:\Windows\Installer\{D79A02E9-6713-4335-9668-AAC7474C0C0E}\HPICON [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT [HKCR\Installer\Products\AA74CE6531856FF4E857450462BFAE38] : Apple Software Update -> C:\Windows\Installer\{56EC47AA-5813-4FF6-8E75-544026FBEA83}\Installer.ico [HKCR\Installer\Products\B4EB76DD26E75124FA3A1F328A003A98] : Movie Maker [HKCR\Installer\Products\B4FE2EE43D5244D438482A9BF618F155] : OpenOffice.org 3.2 -> C:\Windows\Installer\{4EE2EF4B-25D3-4D44-8384-A2B96F811F55}\soffice.exe [HKCR\Installer\Products\B9FB157332F56794AA26B14F7D19CDEF] : Photo Common [HKCR\Installer\Products\BA0A2B44E214C8F40B851D8EEACCFD5F] : PowerRecover -> c:\Windows\Installer\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D41F6E439F86D68478ABA68A34F1F344] : Drive Encryption for HP ProtectTools -> c:\Windows\Installer\{34E6F14D-68F9-486D-87BA-6AA8431F3F44}\controlPanelIcon.exe [HKCR\Installer\Products\DDA39468D428E8B4DB27C8D5DC5CA217] : MSXML 4.0 SP2 (KB954430) [HKCR\Installer\Products\E66BAA708174D2242981A4BFC329A217] : Photo Gallery [HKCR\Installer\Products\F187AF9E08E3993428A5DAE3112CC877] : MSVCRT110_amd64 [HKCR\Installer\Products\F4339ACB9C6B56F4A937CAA523A9D440] : PlayReady PC Runtime amd64 [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\FF43B934E47F70845B2EB4575815ADB6] : Galerie de photos ---------- | ADS @C:\ProgramData\Temp:D1B5B4F1 ---------- | Drives Disk: 0 Size=305G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 07-NTFS 100M Yes No 2,048 204,800 1 1 07-NTFS 292G No No 206,848 598,388,736 2 2 07-NTFS 13G No No 598,595,584 26,544,128 ---------- | MBR Windows Version: Windows 7 Professional Windows Information: Service Pack 1 (build 7601), 64-bit Base Board Manufacturer: FOXCONN BIOS Manufacturer: American Megatrends Inc. System Manufacturer: Hewlett-Packard System Product Name: HP 500B Microtower Logical Drives Mask: 0x0001005c Analysis of file "C:\QuickDiag\MBR.bin": Unknown MBR code 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Task Scheduling Error: m->NextScheduledSPRetry 1732251 ------------ Task Scheduling Error: m->NextScheduledEvent 1732251 ------------ Task Scheduling Error: Continuously busy for more than a second ------------ Task Scheduling Error: m->NextScheduledSPRetry 15631 ------------ Task Scheduling Error: m->NextScheduledEvent 15631 ------------ Task Scheduling Error: Continuously busy for more than a second ------------ Task Scheduling Error: m->NextScheduledSPRetry 2120287 ------------ Task Scheduling Error: m->NextScheduledEvent 2120287 ------------ Task Scheduling Error: Continuously busy for more than a second ------------ Nom de l’application défaillante rundll32.exe, version : 6.1.7600.16385, horodatage : 0x4a5bc637 Nom du module défaillant : SysMenu.dll, version : 1.0.0.5, horodatage : 0x52b449c7 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0006ce5c ID du processus défaillant : 0x1ba4 Heure de début de l’application défaillante : 0x01d1fad25a42ff38 Chemin d’accès de l’application défaillante : C:\Windows\SysWOW64\rundll32.exe Chemin d’accès du module défaillant: C:\PROGRA~1\COMMON~1\System\SysMenu.dll ID de rapport : fd3a0d71-66c5-11e6-a7f0-d48564c2c6f2 ------------ Task Scheduling Error: m->NextScheduledSPRetry 101153934 ------------ Task Scheduling Error: m->NextScheduledEvent 101153934 ------------ Task Scheduling Error: Continuously busy for more than a second ------------ Nom de l’application défaillante rundll32.exe, version : 6.1.7600.16385, horodatage : 0x4a5bc637 Nom du module défaillant : SysMenu.dll, version : 1.0.0.5, horodatage : 0x52b449c7 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0006ce5c ID du processus défaillant : 0xb4 Heure de début de l’application défaillante : 0x01d1f9e4842cd776 Chemin d’accès de l’application défaillante : C:\Windows\SysWOW64\rundll32.exe Chemin d’accès du module défaillant: C:\PROGRA~1\COMMON~1\System\SysMenu.dll ID de rapport : d0bebecd-65d7-11e6-a7f0-d48564c2c6f2 ------------ Task Scheduling Error: m->NextScheduledSPRetry 14383 ------------ Task Scheduling Error: m->NextScheduledEvent 14383 ------------ Task Scheduling Error: Continuously busy for more than a second ------------ Task Scheduling Error: m->NextScheduledSPRetry 7379 ------------ Task Scheduling Error: m->NextScheduledEvent 7379 ------------ ----------( EOF)---------- - 5140 | 16:09:56